Lucene search
K

15276 matches found

Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.10 views

CVE-2026-13905

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00092EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13877

CVE-2026-13877 involves insufficient validation of untrusted input in ANGLE used by Google Chrome before version 150.0.7871.47. The issue allows a remote attacker who has already compromised the renderer process to potentially read sensitive data from process memory through a crafted HTML page. T...

5.3CVSS5.8AI score0.00265EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.164 views

CVE-2026-13874

CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.26 views

CVE-2026-13808

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

0.00134EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13808

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

4.6CVSS5.8AI score0.00134EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.90 views

CVE-2026-13808

Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47 is affected by insufficient data validation that could allow a local attacker to read potentially sensitive information from process memory with physical device access. The issue is addressed in the Chrome 150/151 stable updates...

4.6CVSS5.8AI score0.00134EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/30 8:9 p.m.18 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...

7.8CVSS5.8AI score0.00143EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/30 1:56 p.m.8 views

CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 11:12 a.m.6 views

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

7.5CVSS7AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 7:5 a.m.8 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 7:5 a.m.8 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54152

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the GPU component on Windows allows a remote attacker who has already compromised the renderer process to obtain potentially sensitive...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.13 views

PT-2026-54423

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A type confusion issue exists in the CSS component, which allows a remote attacker to obtain potentially sensitive information from process memory by using a specially crafted HTML page...

9.6CVSS6AI score0.00448EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54387

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Enterprise component allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54356

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in DevTools allows an attacker to obtain potentially sensitive information from process memory. This occurs if an attacker convinces a user to install a...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54230

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient policy enforcement in XML allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54191

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 150.0.7871.47 Description An inappropriate implementation in the Passwords component allows a local attacker to obtain potentially sensitive information from process memory by using a malicious file...

9.6CVSS5.9AI score0.00479EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.13 views

PT-2026-54392

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in DevTools on Windows allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54326

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the GamepadAPI allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory through a crafte...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54394

Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 150.0.7871.47 Description A type confusion issue exists in the Bluetooth component. This allows an attacker located on the same local network segment to retrieve potentially sensitive information from...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Rows per page
Query Builder