Apache Tomcat Tribes EncryptInterceptor Bypass - Remote Code Execution

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. id: CVE-2026-34486 info: name: Apache Tomcat Tribes EncryptInterceptor Bypass - Remote...

CVE-2026-46885

Vulnerability in the Siebel CRM Integration product of Oracle Siebel CRM component: EAI. Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Integration. Successful attacks of thi...

EyesOfNetwork - Hardcoded API Key

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token. id: CVE-2020-8657 info: name:...

PT-2026-50000

Name of the Vulnerable Software and Affected Versions Oracle JD Edwards EnterpriseOne General Ledger version 9.2 Description A flaw in the E1 Foundation component allows a low-privileged attacker with network access via SMB Server Message Block, a network file sharing protocol to compromise the...

CVE-2026-38063

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionradioonwithiaapn via the ia parameter...

CVE-2026-48043

Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the...

DEBIAN-CVE-2026-12012

Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2293)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

EUVD-2026-35251

Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Important: dotnet9.0

Issue Overview: Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-32177 Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-42899 Affected Packages:...

SUSE CVE-2026-10905

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Google Chrome < 149.0.7827.53 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a...

Google Chrome < 149.0.7827.53 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a...

CVE-2026-45290 Cloudburst Network has DoS in RakNet connection handling due to missing bound checks

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260417.085727-30 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a vulnerability in Network to stal...

Chromium: CVE-2026-11030 Use after free in Network

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-10905 Use after free in Network

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-34545

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11249

The CVE-2026-11249 entry describes a use-after-free in the Network component of Google Chrome affecting versions prior to 149.0.7827.53 . A remote attacker who has already compromised the renderer process could craft an HTML page to read potentially sensitive data from process memory. The connect...

CVE-2026-11194

Inappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...