Lucene search
K

32462 matches found

OSV
OSV
added 2026/07/01 11:16 p.m.2 views

DEBIAN-CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 10:22 p.m.29 views

CVE-2026-14390

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00235EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 10:21 p.m.19 views

CVE-2026-14402

CVE-2026-14402 describes an uninitialized use in ANGLE within Google Chrome on Windows, prior to version 150.0.7871.46. The issue allows a remote attacker to potentially read sensitive data from a process's memory via a crafted HTML page. Affected component is ANGLE in Chrome’s Windows build; und...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.4 views

CVE-2026-14422

Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00271EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.33 views

CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

0.00327EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.8 views

CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

6.1AI score0.00327EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.21 views

CVE-2026-14385

CVE-2026-14385 : Heap buffer overflow in ANGLE within Google Chrome on macOS prior to 150.0.7871.46 allows a remote attacker to trigger out-of-bounds memory access via a crafted HTML page. The issue affects ANGLE in Chrome and is tied to the macOS build; CVSS v3.1 base score: 8.8 (High). Remediat...

8.8CVSS6.1AI score0.00327EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/01 6:20 p.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
Securelist
Securelist
added 2026/07/01 10:0 a.m.24 views

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

UPD 03.07.2026: added a package of rules and recommendations that help detect the described malicious activity for companies using our Kaspersky SIEM system. Introduction To access compromised systems, threat actors frequently abuse legitimate remote monitoring tools. At first glance, these...

6.1AI score
Exploits0
Nuclei
Nuclei
added 2026/07/01 3:36 a.m.55 views

PRTG Network Monitor - Local File Inclusion

PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges including administrator. A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local...

9.8CVSS7.6AI score0.8646EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:33 a.m.7 views

CVE-2026-7839

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, when settings2.txt is absent on first run the repeater writes the literal string "adminadmi2" as the admin password via strcpyssavedpassword, 64,...

9.1CVSS5.8AI score0.00374EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 3:33 a.m.8 views

EUVD-2026-40880

UltraVNC repeater through 1.8.2.2 contains an integer overflow in the HTTP request logging path. In repeater/webgui/settings.c:336, the winlog function allocates list nodes via mallocsizeofstruct LIST + strlenline, where line is derived from HTTP request URIs. If strlenline is sufficiently large,...

5.3CVSS6.2AI score0.01057EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40675

Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.0019EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-14148

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-14052

Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00221EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-13954

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-13897

Insufficient policy enforcement in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00304EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-14008

Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.0025EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.12 views

CVE-2026-13958

CVE-2026-13958 concerns Google Chrome on Windows prior to 150.0.7871.47 where an uninitialized use in the codecs component could allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. This is the explicit vulnerability scenario described across mul...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.6 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS6.6AI score0.00558EPSS
Exploits0References5
Rows per page
Query Builder