Lucene search
K

683 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39291

Name of the Vulnerable Software and Affected Versions Elixir WebRTC versions prior to 0.15.1 Elixir WebRTC versions prior to 0.16.1 Description Missing DTLS peer certificate fingerprint validation in the DTLS client active role removes one side of WebRTC's mutual authentication. When acting as th...

8.7CVSS5.9AI score0.00255EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed...

4.7CVSS6AI score0.00089EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/05/07 12:0 a.m.15 views

KLA91023 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in the DOM: Networking component can be exploited...

6.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-7987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS6.1AI score0.00338EPSS
Exploits0References2
NVD
NVD
added 2026/05/06 7:16 p.m.6 views

CVE-2026-7951

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00383EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 6:13 p.m.6 views

CVE-2026-7988

Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:13 p.m.6 views

CVE-2026-7987

Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00338EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 6:13 p.m.6 views

CVE-2026-7987

Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00338EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:13 p.m.16 views

CVE-2026-7988

CVE-2026-7988 describes a type confusion in WebRTC within Google Chrome. A remote attacker could run arbitrary code inside the browser sandbox by crafting an HTML page. Affected software is Google Chrome, prior to version 148.0.7778.96. The issue is fixed in Chrome 148.0.7778.96 (and the associat...

8.8CVSS6.2AI score0.00307EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 6:13 p.m.4 views

CVE-2026-7988

Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00307EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/06 6:13 p.m.11 views

CVE-2026-7987

Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00338EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.33 views

CVE-2026-7951

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00383EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.22 views

CVE-2026-7951

CVE-2026-7951 concerns an out-of-bounds write in WebRTC in Google Chrome prior to 148.0.7778.96. The described impact is remote code execution inside the Chrome sandbox via a crafted HTML page. The vulnerability affects Google Chrome’s WebRTC component; the root cause is an out-of-bounds write th...

8.8CVSS6.2AI score0.00383EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/06 6:12 p.m.9 views

CVE-2026-7951

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00383EPSS
Exploits0
CVE
CVE
added 2026/05/06 6:12 p.m.13 views

CVE-2026-7928

Use-after-free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected: Chrome (Windows) with WebRTC; root cause: use-after-free in WebRTC. Impact: high; exploitability limited to a craft...

8.8CVSS6.2AI score0.00338EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.11 views

openSUSE 16 Security Update : MozillaThunderbird (openSUSE-SU-2026:20664-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20664-1 advisory. Changes in MozillaThunderbird: - Mozilla Thunderbird 140.10.0 ESR Newly translated strings were not available in Thunderbird MFSA 2026-34...

10CVSS7.6AI score0.04938EPSS
Exploits2References138
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.9 views

Fedora 44 : chromium (2026-f5ed344d5c)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f5ed344d5c advisory. The updates include fixes for: Critical CVE-2026-7363: Use after free in Canvas Critical CVE-2026-7361: Use after free in iOS Critical CVE-2026-7344...

9.6CVSS6.2AI score0.00433EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.16 views

AlmaLinux 8 : thunderbird (ALSA-2026:13537)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:13537 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...

9.8CVSS6.1AI score0.04938EPSS
Exploits1References27
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.14 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2026:1649-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1649-1 advisory. This update for MozillaFirefox fixes the following issue: Update to Firefox Extended Support Release 140.10.0...

9.8CVSS5.9AI score0.04938EPSS
Exploits1References52
Kaspersky
Kaspersky
added 2026/05/01 12:0 a.m.14 views

KLA91012 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in media can be exploited remotely to execute...

9.6CVSS6.8AI score0.00433EPSS
Exploits0References29
Rows per page
Query Builder