Lucene search
K

2531 matches found

Nuclei
Nuclei
added 9 hours ago33 views

Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write

File read and write vulnerability in Apache DolphinScheduler, authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler from 3.1.0 before 3.2.2. id: CVE-2024-30188 info: name: Apache DolphinScheduler = 3.1.0, 3.2.2 Resource File Read And Write...

8.8CVSS5.8AI score0.05987EPSS
Exploits0References3
CVE
CVE
added yesterday9 views

CVE-2026-14420

Summary (CVE-2026-14420): Out-of-bounds read/write in Dawn (Chrome’s Dawn integration) in Google Chrome

9.6CVSS5.8AI score
Exploits0References2Affected Software1
NVD
NVD
added yesterday4 views

CVE-2026-55628

In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...

5.5CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-6685

FatFs CVE-2026-6685 affects FatFs R0.16 and earlier, where a stale dirty-cache skip can occur due to an unsigned-subtraction wrap in f_read() and f_write() during interleaved reads/writes on fragmented filesystems (fp-&gt;sect - sect &lt; cc). The root cause is an integer underflow (CWE-191) in t...

6.1CVSS5.8AI score
Exploits2References4Affected Software1
EUVD
EUVD
added yesterday7 views

EUVD-2026-40809

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

6AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40517

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00256EPSS
Exploits0References3
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS6AI score0.00182EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS0.00182EPSS
Exploits0References2
OSV
OSV
added 2 days ago4 views

DEBIAN-CVE-2026-13831

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago19 views

CVE-2026-14152

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

0.0017EPSS
Exploits0References2
CVE
CVE
added 2 days ago6 views

CVE-2026-14152

CVE-2026-14152 involves an out-of-bounds read and write in ANGLE used by Google Chrome. The vulnerability could allow a remote attacker who has compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page. The affected component is ANGLE within Chrome, with im...

9.6CVSS5.8AI score0.0017EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago20 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

0.00182EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago5 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS6AI score0.00182EPSS
Exploits0
CVE
CVE
added 2 days ago8 views

CVE-2026-14122

The CVE-2026-14122 entry describes an issue in Google Chrome on Windows affecting the WebAppInstalls component of Chromium. The root cause is insufficient validation of untrusted input, allowing a remote attacker to perform arbitrary read/write via a crafted HTML page. The vulnerability impacts C...

8.1CVSS6AI score0.00182EPSS
Exploits0References2Affected Software1
OSV
OSV
added 3 days ago5 views

PYSEC-2026-512 Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore...

10CVSS7.5AI score0.02592EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 6 days ago8 views

CVE-2026-54905

A flaw was found in concurrent-ruby. The Concurrent::ReentrantReadWriteLock component can incorrectly grant a write lock to a thread while other threads still hold or can acquire read locks. This occurs when a thread acquires a read lock 32,768 times, causing an internal counter to incorrectly...

5.5CVSS5.6AI score0.00106EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-37951

mcp-pinot: Unauthenticated tool invocation via default oauthenabled=False + host 0.0.0.0 bind...

10CVSS5.8AI score0.00498EPSS
Exploits0References5
Cvelist
Cvelist
added 6 days ago21 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

0.00113EPSS
Exploits0References1
CVE
CVE
added 6 days ago8 views

CVE-2026-38571

The CVE-2026-38571 case concerns the Tenda N300 F3 device (version V603), where the unauthenticated UART debug console stores WPA2 credentials in cleartext and does not require authentication for rr/wr memory read/write commands. This enables a physically proximate attacker to extract stored WPA2...

4.6CVSS6AI score0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 5:17 p.m.4 views

CVE-2026-54906

A flaw was found in concurrent-ruby, a Ruby library for managing concurrent operations. The Concurrent::ReadWriteLock component contains a synchronization issue where write locks can be released by unauthorized threads. This could allow multiple threads to write concurrently, potentially leading ...

9.8CVSS5.7AI score0.0016EPSS
Exploits0References4
Rows per page
Query Builder