2255 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-10890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via...
CVE-2026-11276
Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. Chromium security severity: Low...
CVE-2026-41859
A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Cast Streaming component’s ability to reuse resources after they were released, potentially allowing attacker...
PT-2026-46527
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read exists in the Media component. This allows an attacker located on the local network segment to perform an out of bounds memory read by sending malicious network...
dotnet: .NET: infinite loop allows an attacker to cause a denial of service
A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...
dotnet: .NET: infinite loop allows an attacker to cause a denial of service
A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-31550
A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426. This affects an unknown part of the component BLE/WiFi. Such manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. Attacks of this...
EUVD-2026-31547
A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...
CVE-2026-9395
A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...
CVE-2026-42899
A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources. Mitigation Red Hat has investigated whether a possible...
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-9054
The provided documents describe CVE-2026-9054 as a network-facing kernel panic triggered when an attacker sends packets (TCP, IL, RUDP, RUDP, or GRE) whose length is shorter than the header size. The description is consistent across NVD entries and related sources, but there are no explicit detai...
UFONet 2.0
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc...
Astra Linux – Vulnerability in Mariadb 10.3
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. The supported versions affected are 5.7.35 and earlier, as well as 8.0.26 and earlier. This easily exploitable vulnerability allows a highly privileged attacker with network access via multiple protocols to compromise th...
Microsoft Defender 安全漏洞
Microsoft Defender is a threat protection software developed by the American company Microsoft. There is a security vulnerability in Microsoft Defender, which stems from a heap buffer overflow. Unauthorized attackers may execute code through the network as a result of this vulnerability...
CVE-2026-42822
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network...
Exploit for Heap-based Buffer Overflow in Microsoft
CVE-2026-41096 Overview CVE-2026-41096 is a critical secu...
Security Updates for Microsoft Windows Admin Center (May 2026)
The Microsoft Windows Admin Center installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network. CVE-2026-35438 - Improper access...