PT-2026-44576

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HT...

Oracle Payments 安全漏洞

Oracle Payments is a corporate payment processing and funding management platform owned by Oracle Corporation in the United States. Vulnerabilities exist in versions 12.2.3 to 12.2.15 of Oracle Payments, stemming from issues with the File Transmission component. These vulnerabilities could allow...

Oracle Internet Procurement Connector 安全漏洞

The Oracle Internet Procurement Connector is a corporate procurement system integration and data exchange component developed by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of the Oracle Internet Procurement Connector contain security vulnerabilities. These vulnerabilities...

PT-2026-44598

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An out of bounds read and write issue in Dawn allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique...

PT-2026-44517

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Financials Common Modules versions 12.2.3 through 12.2.15 Description An issue in the Common Components component of Oracle Financials Common Modules allows a low privileged attacker with network access via HTTP ...

PT-2026-44607

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...

CVE-2026-48135

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

DRUPAL-CONTRIB-2026-038

The Basket module enables e-commerce and checkout functionality for Drupal sites. The module does not sufficiently sanitize user-supplied data before passing it to PHP's unserialize. An attacker can supply a crafted payload and trigger PHP Object Injection. If a viable gadget chain exists in the...

EUVD-2026-32559

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

SUSE CVE-2023-29452

Currently, geomap configuration Administration - General - Geographical maps allows using HTML in the field “Attribution text” when selected “Other” Tile provider...

FacturaScripts 代码问题漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia of Spain. Versions of FacturaScripts prior to 2025.81 contained code vulnerabilities. These vulnerabilities stemmed from the unlimited file upload feature in the product image upload function. Attackers could upload PHP file...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the use of Core components that allowed reusing after release, which could enable remote attackers to achieve...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from an issue with the ANGLE component where uninitialized resources were used, which could allow remote attackers to exploit th...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Android, there was a security vulnerability associated with the WebGL component’s improper implementation. This vulnerability could allow remote attackers to exploit the system by using specially craft...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on Android prior to 148.0.7778.216, there was a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the GPU, which could allow remote attackers to execute a...

PT-2026-44623

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

PT-2026-44636

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds read in ANGLE Almost Native Graphics Layer Engine on Windows allows a remote attacker to execute arbitrary code through a crafted HTML page. Recommendations Update to...

PT-2026-44559

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue exists in Views, which allows a remote attacker to execute arbitrary code. This is achieved by convincing a user to perform specific UI gestures while interactin...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the ANGLE component, which could allow remote attackers to exploit the...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from a problem with UI components that allowed reusing of resources after they were released. This could allow remote...