Lucene search
K

41181 matches found

CVE
CVE
added yesterday2 views

CVE-2026-14099

CVE-2026-14099 is a use-after-free vulnerability in Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47 . The issue could allow a remote attacker to potentially trigger heap corruption when a user is convinced to perform specific UI gestures on a crafted HTML page. The Chromium s...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-14023

Google Chrome is affected by CVE-2026-14023 due to insufficient validation of untrusted input in SanitizerAPI. Versions prior to 150.0.7871.47 are vulnerable to a remote attacker bypassing the same-origin policy via a crafted HTML page. The issue is documented for Chrome/Chromium with a Medium se...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-13777

CVE-2026-13777 : Insufficient validation of untrusted input in iOSWeb within Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to potentially trigger heap corruption via a crafted HTML page (Chromium security severity: Critical). Connected sources confirm the issue and identif...

5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added yesterday6 views

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

8.2CVSS7.6AI score0.00467EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday12 views

Cobbler 'XML-RPC' - Authentication Bypass

Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.getsharedsecret always returns -1, which allows anyone to connect to cobbler...

9.8CVSS7.3AI score0.03948EPSS
Exploits6References3
NVD
NVD
added 2 days ago7 views

CVE-2026-13591

A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...

5CVSS0.00199EPSS
Exploits0References8
NVD
NVD
added 2 days ago9 views

CVE-2026-13590

A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...

6.3CVSS0.00394EPSS
Exploits0References9
NVD
NVD
added 2 days ago7 views

CVE-2026-13589

A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...

6.3CVSS0.0056EPSS
Exploits0References9
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-40156

A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
CVE
CVE
added 2 days ago9 views

CVE-2026-13592

The CVE-2026-13592 issue affects liftoff-sr CIPster (up to commit e8e9dba09bf56962807d3504b783ccdb6287f3e4). The vulnerability is in BufWriter::append within the EtherNet IP Message Handler, where manipulation can cause an out-of-bounds write. It allows remote exploitation, and public exploits ar...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2 days ago7 views

CVE-2026-13591

A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...

5CVSS5.1AI score0.00199EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-13591 DeepMyst Mysti Contact Tracking ChannelBridge.ts _isTrackedConversation improper authorization

A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...

5CVSS0.00199EPSS
Exploits0References8
CVE
CVE
added 2 days ago8 views

CVE-2026-13590

The CVE-2026-13590 affects seladb PcapPlusPlus 25.05, specifically the Modbus Protocol Handler’s ModbusLayer getLength implementation in Packet++/header/ModbusLayer.h. The issue is a heap-based buffer overflow caused by manipulation of the length argument, with remote execution possible. Document...

6.3CVSS6.1AI score0.00394EPSS
Exploits0References9
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40152

A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...

6.3CVSS6.1AI score0.00394EPSS
Exploits0References9
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-13590 seladb PcapPlusPlus Modbus Protocol ModbusLayer.h getLength heap-based overflow

A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...

6.3CVSS0.00394EPSS
Exploits0References9
CVE
CVE
added 2 days ago9 views

CVE-2026-13589

A vulnerability affects seladb PcapPlusPlus 25.05, specifically the Telnet Subnegotiation Packet Handler: pcpp::TelnetLayer::getSubCommand in Packet++/src/TelnetLayer.cpp. The issue is a heap-based buffer overflow that can be triggered remotely. The reported attack complexity is high, with no aut...

6.3CVSS5.8AI score0.0056EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-13589

A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...

6.3CVSS5.4AI score0.0056EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40150

A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...

6.3CVSS5.8AI score0.0056EPSS
Exploits0References9
NVD
NVD
added 2 days ago8 views

CVE-2026-13583

A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such manipulation of the argument ShareName/SelectName leads to buffer overflow. The attack may be performed from remote. The...

9CVSS0.00445EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40148

A vulnerability was determined in seladb PcapPlusPlus 25.05. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion of the file Packet++/src/SSLHandshake.cpp of the component TLS Hello Handler. Executing a manipulation of the argument handshakeVersion can lead to...

6.3CVSS6.1AI score0.0038EPSS
Exploits0References9
Rows per page
Query Builder