Lucene search
K

2337 matches found

NVD
NVD
added 17 hours ago7 views

CVE-2026-21057

Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...

6.8CVSS
Exploits0References1
NVD
NVD
added 17 hours ago8 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS
Exploits0References1
NVD
NVD
added 17 hours ago8 views

CVE-2026-21045

Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS
Exploits0References1
Cvelist
Cvelist
added 17 hours ago7 views

CVE-2026-21057

Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...

6.8CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 17 hours ago4 views

CVE-2026-21057

Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...

6.8CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added 17 hours ago9 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS
Exploits0References1
EUVD
EUVD
added 17 hours ago4 views

EUVD-2026-42818

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 17 hours ago6 views

CVE-2026-21045

Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 17 hours ago3 views

CVE-2026-21045

Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2 days ago7 views

Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE

Summary Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port TCP 24282, hardcoded as 0x5EDA in constants.py. The server has no authentication, no CSRF protection, and no Host header validation. A DNS rebinding attack allows a malicious webpage to reach...

8.3CVSS6.7AI score0.00237EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-42126

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary userid parameters or...

9.8CVSS6AI score0.00498EPSS
Exploits0References5
CVE
CVE
added 3 days ago21 views

CVE-2026-59705

CVE-2026-59705 concerns mem0’s openmemory/api component, where an unauthenticated access flaw allows reading, writing, and deleting arbitrary user memories via API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory ret...

9.8CVSS6AI score0.00498EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:32 p.m.5 views

CVE-2026-53354

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...

9.1CVSS6.2AI score0.0053EPSS
Exploits0References10Affected Software1
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40624

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

5.9AI score0.00316EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13938

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.9AI score0.00316EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13938

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00316EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.24 views

CVE-2026-13938

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

0.00316EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.12 views

CVE-2026-13938

CVE-2026-13938 affects Google Chrome fonts handling prior to 150.0.7871.47. The underlying issue is an integer overflow in the Fonts component that enables a remote attacker to induce an out-of-bounds memory write via a crafted HTML page. The vulnerability is described with a Chromium-derived sev...

8.8CVSS5.9AI score0.00316EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54215

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An integer overflow in the Fonts component allows a remote attacker to perform an out-of-bounds memory write by inducing the user to open a crafted HTML page. An integer overflow occurs...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
NVD
NVD
added 2026/06/26 10:16 p.m.10 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

4.6CVSS0.00113EPSS
Exploits0References1
Rows per page
Query Builder