CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Positive Technologies•added 2026/05/14 12:0 a.m.•10 views

PT-2026-41078

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in Media allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs...

8.8CVSS6.2AI score0.00498EPSS

Exploits0References83

AlpineLinux•added 2026/04/15 7:4 p.m.•3 views

CVE-2026-6316

Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00323EPSS

Exploits0

UbuntuCve•added 2026/03/20 12:0 a.m.•2 views

CVE-2026-4447

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00354EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2017-14532

Malware in sbrugna...

9.8CVSS9.2AI score0.02802EPSS

Exploits1References11

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-7507

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01425EPSS

Exploits1References6

Cvelist•added 2022/12/21 11:14 p.m.•34 views

CVE-2022-25893 Arbitrary Code Execution

The package vm2 before 3.9.10 are vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise...

9.8CVSS9.9AI score0.01425EPSS

Exploits1References4

CVE•added 2022/12/21 11:14 p.m.•108 views

CVE-2022-25893

CVE-2022-25893 affects the vm2 Node.js module (pre-3.9.10) and is caused by a prototype pollution flaw in WeakMap.prototype.set, enabling an attacker to access host objects and potentially compromise the sandbox, leading to arbitrary code execution. Reported impact in the sources: remote code exe...

9.8CVSS9.7AI score0.01425EPSS

Exploits1References4Affected Software1

OSV•added 2022/12/21 6:30 a.m.•4 views

GHSA-4W2J-2RG4-5MJW vm2 vulnerable to Arbitrary Code Execution

The package vm2 before 3.9.10 is vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise...

9.8CVSS7.2AI score0.01425EPSS

Exploits1References6

OSV•added 2022/12/21 5:15 a.m.•25 views

CVE-2022-25893

9.8CVSS9.7AI score

Exploits0References4

NVD•added 2022/12/21 5:15 a.m.•27 views

CVE-2022-25893

9.8CVSS0.01425EPSS

Exploits1References4

Prion•added 2022/12/21 5:15 a.m.•19 views

Spoofing

7.5CVSS9.6AI score0.01425EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2022/12/21 12:0 a.m.•6 views

PT-2022-17590 · Vm2 · Vm2

Name of the Vulnerable Software and Affected Versions: vm2 versions prior to 3.9.10 Description: The issue is related to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. This allows access to a host object and can lead to a sandbox compromise...

9.8CVSS9.5AI score0.01425EPSS

Exploits1References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by