Lucene search
+L

6390 matches found

euvd
euvd
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34649

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00234EPSS
Exploits0References3
euvd
euvd
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34461

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00286EPSS
Exploits0References3
euvd
euvd
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34458

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00325EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/05 12:10 a.m.11 views

CVE-2026-36176

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

7.1CVSS5.8AI score0.00093EPSS
Exploits0References1
nvd
nvd
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00234EPSS
Exploits0References2
nvd
nvd
added 2026/06/04 11:17 p.m.10 views

CVE-2026-11012

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS0.00286EPSS
Exploits0References2
osv
osv
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11012

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References1
nvd
nvd
added 2026/06/04 11:17 p.m.12 views

CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.00325EPSS
Exploits0References2
osv
osv
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00234EPSS
Exploits0References2
cve
cve
added 2026/06/04 11:5 p.m.34 views

CVE-2026-11188

The connected sources confirm CVE-2026-11188 is a use-after-free in the USB handling of Google Chrome on Android, prior to version 149.0.7827.53, enabling a remote attacker to potentially escape the sandbox via a crafted HTML page. Affected software: Google Chrome on Android; vulnerable component...

8.8CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/06/04 11:4 p.m.7 views

CVE-2026-11012

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.5AI score0.00286EPSS
Exploits0
cve
cve
added 2026/06/04 11:4 p.m.29 views

CVE-2026-11012

CVE-2026-11012 : In Google Chrome on Android, a use-after-free in Serial (prior to version 149.0.7827.53) could allow a renderer-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. Impact described as sandbox escape with high/severe implications; remediation is ...

8.3CVSS5.8AI score0.00286EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/04 11:4 p.m.38 views

CVE-2026-11012

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00286EPSS
Exploits0References2
cve
cve
added 2026/06/04 11:4 p.m.33 views

CVE-2026-11009

CVE-2026-11009 is a use-after-free vulnerability in Chrome’s USB handling on Windows prior to 149.0.7827.53 that could allow a remote attacker to escape the sandbox via a crafted HTML page. The issue is reported for Chromium-based Chrome (severity: Medium) and is treated as a high-severity, high-...

9.6CVSS5.8AI score0.00325EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/04 11:4 p.m.38 views

CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00325EPSS
Exploits0References2
nvd
nvd
added 2026/06/04 3:16 p.m.16 views

CVE-2026-36176

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

7.1CVSS0.00093EPSS
Exploits0References1
nvd
nvd
added 2026/06/04 3:16 p.m.16 views

CVE-2026-36174

GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface...

4.6CVSS0.0014EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/04 2:40 p.m.15 views

CVE-2026-46261

A flaw was found in the Linux kernel. A null pointer dereference in the wpcm-fiu Serial Peripheral Interface SPI driver, specifically when platformgetresourcebyname returns a null value, could lead to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
redhat
redhat
added 2026/06/04 1:4 p.m.8 views

kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

9.8CVSS6.3AI score0.00311EPSS
Exploits0References5
Rows per page
Query Builder