256943 matches found
Microsoft azure kubernetes service 路径遍历漏洞
Microsoft Azure Kubernetes Service is a service provided by Microsoft Corporation for deploying, managing, and scaling containerized applications. Microsoft Azure Kubernetes Service has a path traversal vulnerability. Attackers can exploit this vulnerability to execute code remotely...
Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
PT-2026-48344
Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell metacharacters into the 'dir' POST parameter, completely bypassing the TERMINAL COMMANDS whitelist and achieving full Remote Code Executio...
FreeBSD -- Multiple vulnerabilities in unbound
Problem Description: Multiple vulnerabilities have been reported in Unbound. Instead of listing detailed writeups for each issue, please see the upstream advisories referenced below. CVE-2026-32792: Packet of death with DNSCrypt CVE-2026-33278: Possible remote code execution during DNSSEC...
Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft...
CVE-2026-11694
Technical details (affected product, root cause, exploitability) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-11690
Summary: CVE-2026-11690 describes an out-of-bounds read/write in Media component of Google Chrome on macOS, prior to version 149.0.7827.103. A remote attacker who has compromised the renderer process could execute arbitrary code inside the sandbox via a crafted HTML page. The issue is rated High ...
CVE-2026-11688
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11688
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11688
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11688
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11683
Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11683
CVE-2026-11683 affects Google Chrome’s WebCodecs. The root cause is a use-after-free in WebCodecs that allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. The vulnerability is in Chrome versions prior to 149.0.7827.103 (Chromium-based). Impact is described...
CVE-2026-11683
Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11683
Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11680
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11680
CVE-2026-11680 describes a use-after-free in the Media component of Google Chrome on Windows, before version 149.0.7827.103. The underlying issue reportedly allows a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page. Affected software is Chrome for Windows;...
CVE-2026-11680
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11680
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11674
Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...