41186 matches found
EUVD-2026-40712
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40604
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40485
Use after free in QUIC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...
EUVD-2026-40469
Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-14099
CVE-2026-14099 is a use-after-free vulnerability in Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47 . The issue could allow a remote attacker to potentially trigger heap corruption when a user is convinced to perform specific UI gestures on a crafted HTML page. The Chromium s...
CVE-2026-14023
Google Chrome is affected by CVE-2026-14023 due to insufficient validation of untrusted input in SanitizerAPI. Versions prior to 150.0.7871.47 are vulnerable to a remote attacker bypassing the same-origin policy via a crafted HTML page. The issue is documented for Chrome/Chromium with a Medium se...
CVE-2026-13777
CVE-2026-13777 : Insufficient validation of untrusted input in iOSWeb within Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to potentially trigger heap corruption via a crafted HTML page (Chromium security severity: Critical). Connected sources confirm the issue and identif...
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...
Cobbler 'XML-RPC' - Authentication Bypass
Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.getsharedsecret always returns -1, which allows anyone to connect to cobbler...
CVE-2026-13590
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
CVE-2026-13591
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-13589
A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...
EUVD-2026-40156
A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...
CVE-2026-13592
The CVE-2026-13592 issue affects liftoff-sr CIPster (up to commit e8e9dba09bf56962807d3504b783ccdb6287f3e4). The vulnerability is in BufWriter::append within the EtherNet IP Message Handler, where manipulation can cause an out-of-bounds write. It allows remote exploitation, and public exploits ar...
CVE-2026-13591
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-13591 DeepMyst Mysti Contact Tracking ChannelBridge.ts _isTrackedConversation improper authorization
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-13590
The CVE-2026-13590 affects seladb PcapPlusPlus 25.05, specifically the Modbus Protocol Handler’s ModbusLayer getLength implementation in Packet++/header/ModbusLayer.h. The issue is a heap-based buffer overflow caused by manipulation of the length argument, with remote execution possible. Document...
EUVD-2026-40152
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
CVE-2026-13590 seladb PcapPlusPlus Modbus Protocol ModbusLayer.h getLength heap-based overflow
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
CVE-2026-13589
A vulnerability affects seladb PcapPlusPlus 25.05, specifically the Telnet Subnegotiation Packet Handler: pcpp::TelnetLayer::getSubCommand in Packet++/src/TelnetLayer.cpp. The issue is a heap-based buffer overflow that can be triggered remotely. The reported attack complexity is high, with no aut...