1367 matches found

EUVD
added 20 hours ago, 6 views

EUVD-2026-40738

Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

AI score 5.8
Exploits: 0, References: 3
EUVD
added 20 hours ago, 5 views

EUVD-2026-40638

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.3, AI score 5.8
Exploits: 0, References: 3
EUVD
added 20 hours ago, 5 views

EUVD-2026-40646

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVSS 6.5, AI score 5.8
Exploits: 0, References: 3
NVD
added yesterday, 5 views

CVE-2026-14117

Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security...

CVSS 5.3
Exploits: 0, References: 2
NVD
added yesterday, 5 views

CVE-2026-14070

Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

CVSS 6.5
Exploits: 0, References: 2
OSV
added yesterday, 2 views

DEBIAN-CVE-2026-14061

Inappropriate implementation in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

CVSS 6.5, AI score 5.8
Exploits: 0, References: 1
NVD
added yesterday, 5 views

CVE-2026-14051

Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

CVSS 6.5
Exploits: 0, References: 2
NVD
added yesterday, 4 views

CVE-2026-13971

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.3
Exploits: 0, References: 2
CVE
added yesterday, 11 views

CVE-2026-14112

The CVE-2026-14112 entry describes an inappropriate implementation in Google Chrome (enterprise) prior to version 150.0.7871.47 that could allow a remote attacker to extract potentially sensitive data from process memory when a user is persuaded to perform specific UI gestures via a crafted HTML ...

CVSS 5.3, AI score 5.8
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added yesterday, 16 views

CVE-2026-14112

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

Exploits: 0, References: 2
Cvelist
added yesterday, 21 views

CVE-2026-13933

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits: 0, References: 2
CVE
added 6 days ago, 12 views

CVE-2026-6432

The CVE-2026-6432 entry concerns EmberZNet SDK versions 9.0.2 and earlier, with a root cause of improper bounds validation. This can lead to crashes or dynamic memory leakage. The available documents do not specify additional details such as affected products beyond EmberZNet SDK, release version...

CVSS 5.3, AI score 5.8, EPSS 0.00308
Exploits: 0, References: 2
NVD
added 2026/06/24 5:17 a.m., 7 views

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS 6.5, EPSS 0.00106
Exploits: 0, References: 3
NVD
added 2026/06/23 9:16 p.m., 7 views

CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

CVSS 4.3, EPSS 0.00265
Exploits: 0, References: 3
OSV
added 2026/06/23 9:16 p.m., 4 views

UBUNTU-CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

CVSS 4.3, AI score 5.7, EPSS 0.00265
Exploits: 0, References: 6
CVE
added 2026/06/23 7:53 p.m., 19 views

CVE-2026-12891

The CVE-2026-12891 issue affects the GStreamer gst-plugins-bad package, specifically the H.266/VVC parser. A malformed H.266/VVC stream with a crafted aspect ratio indicator value can cause an out-of-bounds read of up to 8 bytes from adjacent memory. This could enable an attacker to craft a malic...

CVSS 4.3, AI score 5.7, EPSS 0.00265
Exploits: 0, References: 3, Affected Software: 2
Positive Technologies
added 2026/06/23 12:00 a.m., 10 views

PT-2026-51589

Name of the Vulnerable Software and Affected Versions: GStreamer gst-plugins-bad (affected versions not specified). Description: A flaw in the H.266 parser occurs when processing a malformed H.266/VVC video stream containing a crafted aspect ratio indicator value. This leads to an out-of-bounds read o...

CVSS 4.3, AI score 5.7, EPSS 0.00265
Exploits: 0, References: 9
Cvelist
added 2026/06/22 9:55 p.m., 23 views

CVE-2026-53923 vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow

vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf/ggufkernel.cu) causes partial tensor processing. The output tensor is allocated at full size via...

CVSS 5.3, EPSS 0.00281
Exploits: 0, References: 3
Snyk
added 2026/06/19 7:35 p.m., 3 views

Use of Uninitialized Resource

Overview: Affected versions of this package are vulnerable to Use of Uninitialized Resource in the formattr function when parsing a JSON object with a key of 254 bytes or longer using Oj.load in :object mode. An attacker can obtain sensitive stack memory contents by supplying a crafted JSON payloa...

CVSS 6.9, AI score 5.9
Exploits: 0, References: 3
AstraLinux
added 2026/06/19 11:10 a.m., 2 views

Astra Linux – Vulnerability in grub2

An out-of-bounds read flaw was discovered in Grub2’s NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack can result in sensitive data cached in memory or EFI variabl...

CVSS 5.3, AI score 6.7, EPSS 0.00496
Exploits: 1, References: 2