Lucene search
K

18460 matches found

RedhatCVE
RedhatCVE
added 2026/07/01 11:1 p.m.5 views

CVE-2026-55594

A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A missing depth check in the MVG Magick Vector Graphics decoder can lead to a stack overflow when a remote attacker provides a specially crafted image. This vulnerability could result in a...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00185EPSS
Exploits0
CVE
CVE
added 2026/07/01 10:21 p.m.13 views

CVE-2026-14388

The CVE-2026-14388 describes an out-of-bounds read in ANGLE used by Google Chrome, allowing a remote attacker to leak potentially sensitive data from process memory via a crafted HTML page. Affected software: Google Chrome/ANGLE; vulnerable component is ANGLE in the browser. The issue is triggere...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.18 views

CVE-2026-14386

CVE-2026-14386 describes an Out-of-bounds read in ANGLE used by Google Chrome before version 150.0.7871.46. The issue could allow a remote attacker to obtain potentially sensitive information from a process’s memory via a crafted HTML page. The connected documents confirm Chrome/ANGLE involvement...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.7 views

CVE-2026-14388

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.24 views

CVE-2026-14411

CVE-2026-14411 describes insufficient validation of untrusted input in ANGLE used by Google Chrome, prior to build 150.0.7871.46. The issue may allow a remote attacker to cause a sandbox escape via a crafted HTML page. Documented impact is a high-severity, likely remote threat affecting ANGLE int...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.24 views

CVE-2026-14401

Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 6:58 p.m.33 views

CVE-2026-55594 ImageMagick: Stack Overflow in MVG decoder due to missing depth check.

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and...

5.3CVSS0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/01 4:25 p.m.7 views

CVE-2026-53347

A flaw was found in the Linux kernel's drm/virtio driver. When the virtio-gpu driver is configured with Kernel Mode Setting KMS disabled, the display-related atomic and modesetting components are not properly initialized. This can lead to the system attempting to access uninitialized data during...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/01 3:4 p.m.37 views

CVE-2026-58038 Stored XSS through javascript URLs in SVGs generated by EasyTimeline

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...

0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/01 2:41 p.m.11 views

CVE-2026-56365

A flaw was found in ImageMagick. A remote attacker could exploit a memory leak vulnerability in the Portable Network Graphics PNG encoder when it fails to write Multiple-image Network Graphics MNG images. This flaw allows attackers to exhaust memory resources, leading to a denial of service DoS...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References5
CVE
CVE
added 2026/07/01 1:32 p.m.22 views

CVE-2026-53356

The CVE-2026-53356 entry concerns the Linux kernel DRM/I915 GEM code. The root cause is in sg_page() returning a struct page pointer instead of (void *) which mis-scales pread/pwrite for phys BO and can cause access to incorrect parts of a buffer when a non-zero offset is used. A fix was cherry-p...

5.8AI score0.00164EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40981

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...

5.8AI score0.00156EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40638

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0029EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40561

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.4 views

EUVD-2026-40475

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00316EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.4 views

PT-2026-54833

Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description The software is subject to Stored Cross-Site Scripting XSS, a flaw where malicious scripts are permanently stored on the target server. This occurs through the application logo upload functionality, allowing an...

5.4CVSS5.8AI score0.0014EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-14013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium...

4.3CVSS6.2AI score0.0019EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-13805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in GFX in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

8.8CVSS6.3AI score0.00351EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-14049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain...

5.3CVSS6.2AI score0.00205EPSS
Exploits0References2
Rows per page
Query Builder