Lucene search
K

5242 matches found

Cvelist
Cvelist
added 2026/06/30 10:37 p.m.21 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

0.00276EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.3 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13819

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.8AI score0.00308EPSS
Exploits0
OSV
OSV
added 2026/06/30 1:19 p.m.3 views

UBUNTU-CVE-2026-58013

A flaw was found in GLib. A buffer over-read can occur in giochannelreadlinebackend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...

8.2CVSS5.9AI score0.00329EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54217

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the Cast component allows an attacker on the local network segment to obtain potentially sensitive information from process memory by sending malicious network...

9.6CVSS5.9AI score0.00413EPSS
Exploits0References439
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54365

Name of the Vulnerable Software and Affected Versions Google Chrome on ChromeOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the CameraCapture component allows a remote attacker to perform an out-of-bounds memory read, which occurs when a user visits a...

9.8CVSS6AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54251

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 150.0.7871.47 Description An out-of-bounds read exists in ANGLE, a graphics abstraction layer. A remote attacker who has already compromised the renderer process can use a specially crafted HTML page to...

9.6CVSS6AI score0.00413EPSS
Exploits0References437
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54246

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the Media component allows a remote attacker who has already compromised the renderer process to retrieve potentially sensitive information from process memory...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54226

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the GPU component allows a remote attacker who has already compromised the renderer process to retrieve potentially sensitive information from process memory. Th...

9.6CVSS6AI score0.00413EPSS
Exploits0References439
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document...

6.3CVSS6.1AI score0.00312EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.6 views

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0
NVD
NVD
added 2026/06/26 10:16 p.m.10 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

4.6CVSS0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 9:25 p.m.9 views

CVE-2026-57437

A flaw was found in Nokogiri, an XML and HTML library for Ruby. This vulnerability occurs when an application directly constructs an XPathContext and allows its associated document to be garbage collected while the context is still in use. An attacker could potentially exploit this by causing the...

6.3CVSS5.6AI score0.00312EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 10:41 a.m.5 views

EUVD-2026-39645

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.21 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

0.00113EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.5 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

4.6CVSS6AI score0.00113EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 12:0 a.m.9 views

CVE-2026-38571

The CVE-2026-38571 case concerns the Tenda N300 F3 device (version V603), where the unauthenticated UART debug console stores WPA2 credentials in cleartext and does not require authentication for rr/wr memory read/write commands. This enables a physically proximate attacker to extract stored WPA2...

4.6CVSS6AI score0.00113EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52842

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Kernel software running within a Host VM can send improper commands to the GPU Firmware. This allows the firmware to perform memory read or write operations...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 10:39 p.m.5 views

CVE-2026-47729

A flaw was found in Squid. Due to improper input validation, an out-of-bounds read can occur in the FTP gateway. This issue allows an authenticated and trusted client to read memory from random transactions when accessing a misbehaving FTP server using the Squid gateway feature. Mitigation When F...

6.5CVSS5.8AI score
Exploits1References4
OSV
OSV
added 2026/06/25 8:17 p.m.4 views

UBUNTU-CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

7.5CVSS5.8AI score0.00226EPSS
Exploits0References4
Rows per page
Query Builder