31 matches found

CVE
added 3 days ago | 10 views

CVE-2026-13808

Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47 is affected by insufficient data validation that could allow a local attacker to read potentially sensitive information from process memory with physical device access. The issue is addressed in the Chrome 150/151 stable updates...

CVSS 4.6 | AI score 5.8 | EPSS 0.00134
Exploits 0 | References 2 | Affected Software 1

CVE
added 6 days ago | 26 views

CVE-2026-49417

CVE-2026-49417 is part of two memory-safety issues in FreeBSD’s sound(4) mmap path. The advisories describe: (1) dsp_mmap_single() could overflow when validating a requested mapping, allowing a mapping to extend past the audio buffer into kernel memory (CVE-2026-45258), and (2) the audio buffer b...

CVSS 7 | AI score 5.9 | EPSS 0.00125
Exploits 0 | References 1 | Affected Software 1

AstraLinux
added 2026/06/19 11:10 a.m. | 11 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, from version 5.19.9 onwards, the drivers/scsi/stex.c file allows local users to access sensitive information from kernel memory. This occurs because the stex_queuecommand_lck function lacks a memset for the PASSTHRU_CMD case...

CVSS 5.5 | AI score 6.2 | EPSS 0.0028
Exploits 0 | References 2

CNNVD
added 2026/06/05 12:0 a.m. | 7 views

SAMSUNG Android USB Driver Security Vulnerability

The SAMSUNG Android USB Driver is a driver program developed by South Korean company Samsung. Versions of the SAMSUNG Android USB Driver for Windows prior to 1.9.5.0 contain security vulnerabilities. These vulnerabilities stem from improper input validation, which may allow local attackers to...

CVSS 5.9 | AI score 5.3 | EPSS 0.00101
Exploits 0 | References 1

Cvelist
added 2026/06/04 11:6 p.m. | 39 views

CVE-2026-11281

Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. Chromium security severity: Low...

EPSS 0.00085
Exploits 0 | References 2

CNNVD
added 2026/06/02 12:0 a.m. | 8 views

Google Chrome Buffer Error Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a buffer error vulnerability, which was caused by GWP-ASan out-of-bound reading. This vulnerability could allow local attackers to obtain potentially sensitive information from the process...

CVSS 6.5 | AI score 5.5 | EPSS 0.00169
Exploits 0 | References 2

CVE
added 2026/02/12 5:31 p.m. | 12 views

CVE-2023-20601

CVE-2023-20601 affects the RAS TA Driver. The issue is improper input validation that can allow a local attacker to read/write out-of-bounds memory, potentially causing a denial-of-service. Red Hat and NVD entries corroborate the vulnerability description; exploitation is local and implies elevat...

CVSS 4.6 | AI score 5.5 | EPSS 0.0016
Exploits 0 | References 1

Information Security Automation
added 2026/01/24 9:40 a.m. | 9 views

About Information Disclosure – Desktop Window Manager (CVE-2026-20805) vulnerability

About Information Disclosure - Desktop Window Manager CVE-2026-20805 vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...

CVSS 5.5 | AI score 6.1 | EPSS 0.05028
Exploits 5

Tenable Nessus
added 2026/01/16 12:0 a.m. | 5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000737)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000737 advisory. The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure...

CVSS 4.9 | AI score 6.9 | EPSS 0.00434
Exploits 0 | References 21

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000848)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000848 advisory. The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a unam...

CVSS 4.9 | AI score 5.5 | EPSS 0.00959
Exploits 1 | References 17

Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002059)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002059 advisory. The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local...

CVSS 7.8 | AI score 6.3 | EPSS 0.00437
Exploits 0 | References 12

Tenable Nessus
added 2026/01/15 12:0 a.m. | 4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002296)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002296 advisory. arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA...

CVSS 7.2 | AI score 7 | EPSS 0.00469
Exploits 0 | References 14

EUVD
added 2025/11/10 9:30 p.m. | 5 views

EUVD-2025-50796

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVSS 5.5 | AI score 5 | EPSS 0.00074
Exploits 1 | References 3

NVD
added 2025/10/10 7:15 a.m. | 5 views

CVE-2025-21068

Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory...

CVSS 7.1 | EPSS 0.00112
Exploits 0 | References 1

NVD
added 2025/10/10 7:15 a.m. | 8 views

CVE-2025-21066

Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory...

CVSS 7.1 | EPSS 0.00112
Exploits 0 | References 1

Vulnrichment
added 2025/10/10 6:33 a.m. | 3 views

CVE-2025-21068

Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory...

CVSS 4 | AI score 6.1 | EPSS 0.00112
Exploits 0 | References 1

EUVD
added 2025/10/10 6:33 a.m. | 5 views

EUVD-2025-33678

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

CVSS 4 | AI score 6 | EPSS 0.0011
Exploits 0 | References 2

CVE
added 2025/06/04 4:56 a.m. | 51 views

CVE-2025-20992

CVE-2025-20992 affects Samsung’s library libsecimaging.camera.samsung.so (pre‑SMR Feb‑2025 Release 1). The root cause is an out‑of‑bounds read, enabling a local attacker to read memory. Impacted component: libsecimaging.camera.samsung.so; affected context is Samsung Mobile/SMR releases prior to F...

CVSS 7.7 | AI score 6.6 | EPSS 0.00133
Exploits 0 | References 1 | Affected Software 1

RedhatCVE
added 2025/05/22 6:41 p.m. | 12 views

CVE-2021-38150

When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the...

CVSS 6.5 | AI score 6.6 | EPSS 0.005
Exploits 0 | References 1

CVE
added 2025/02/04 7:19 a.m. | 74 views

CVE-2025-20887

CVE-2025-20887 refers to an out-of-bounds read in the svp8t table accessed by libsthmbc.so, affected on Samsung Mobile devices prior to SMR Jan-2025 Release 1. Local attackers can read arbitrary memory with user interaction required to trigger the issue. The vulnerability is documented across mul...

CVSS 5.5 | AI score 6.9 | EPSS 0.00133
Exploits 0 | References 1 | Affected Software 1