Lucene search
K

205 matches found

CVE
CVE
added 6 days ago66 views

CVE-2026-15108

CVE-2026-15108: In Google Chrome, an Integer overflow in the Extensions API prior to 150.0.7871.115 allows an attacker to trigger an out-of-bounds memory read by convincing a user to install a crafted extension. Affected product: Google Chrome (Extensions API). Root cause: integer overflow in the...

4.3CVSS6AI score0.00125EPSS
Exploits0References2Affected Software1
NVD
NVD
added last week7 views

CVE-2026-59705

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary userid parameters or...

9.8CVSS0.00498EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14048

Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Low...

6.5CVSS5.8AI score0.00116EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.166 views

CVE-2026-13950

CVE-2026-13950 affects Google Chrome (GPU component) with an uninitialized use in GPU that could allow a remote attacker who already compromised the renderer process to read potentially sensitive data from process memory via a crafted HTML page. Affected version range is Chrome before 150.0.7871....

5.3CVSS5.8AI score0.0029EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13875

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00281EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54247

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in Skia allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using a crafted HTML...

9.8CVSS6AI score0.00413EPSS
Exploits0References451
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54338

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An out of bounds read in the Chromecast component allows a local attacker to obtain potentially sensitive information from process memory through the use of malicious network traffic. A...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
CVE
CVE
added 2026/06/11 8:48 p.m.29 views

CVE-2026-12015

The CVE-2026-12015 entry describes a use-after-free in Chrome’s Autofill component handled in the renderer process. A remote attacker who can compromise the renderer could leverage a crafted HTML page to read potentially sensitive data from process memory. Affected software is Google Chrome (Auto...

5.3CVSS5.5AI score0.00227EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12015

Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00227EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.19 views

Lenovo ThinkPad 加密问题漏洞

The Lenovo ThinkPad is a portable computer by the company Lenovo. The Lenovo ThinkPad has an encryption vulnerability, which stems from issues with the embedded controller firmware. This vulnerability may allow privileged local users to perform arbitrary read and write operations on privileged...

8.4CVSS5.5AI score0.00077EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.12 views

SUSE CVE-2026-11168

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00229EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36355

The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK all known versions through v3.4.14B does not perform any access control checks on the writemem ioctl 0x89F5 and readmem ioctl 0x89F6 debug handlers, which are compiled into production builds via the unconditionally defined...

7.7CVSS5.5AI score0.00669EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.31 views

CVE-2026-11168

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00229EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.35 views

CVE-2026-11089

Uninitialized Use in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.0025EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from the improper initialization of Dawn, which could allow remote attackers to obtain sensitive information from the process...

7.4CVSS5.3AI score0.00336EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 2:0 a.m.13 views

CVE-2026-8070

Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security...

7.3CVSS5.8AI score0.0009EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 12:38 a.m.12 views

EUVD-2026-33150

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00224EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.18 views

PT-2026-44743

Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security...

7.3CVSS5.8AI score0.0009EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 10:25 p.m.8 views

CVE-2026-9908

Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00238EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/27 2:19 p.m.14 views

EUVD-2026-32520

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...

8.7CVSS5.9AI score0.00215EPSS
Exploits0References1
Rows per page
Query Builder