1501 matches found

EUVD
added 2 hours ago, 2 views

EUVD-2026-40478

Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8 AI score
Exploits: 0, References: 3

CVE
added yesterday, 4 views

CVE-2026-13792

CVE-2026-13792 is a use-after-free in Touchbar handling for Google Chrome on macOS, exploitable via a crafted HTML page to potentially escape the sandbox. Affected software: Chrome on macOS prior to 150.0.7871.47. Root cause: Touchbar code path operation leads to a use-after-free vulnerability (n...

5.8 AI score
Exploits: 0, References: 2

Cvelist
added 5 days ago, 31 views

CVE-2026-45407 Dokku: Git Credentials in .netrc Stored World-Readable Due to Premature touch

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...

5 CVSS, 0.00089 EPSS
Exploits: 0, References: 2

CVE
added 5 days ago, 9 views

CVE-2026-45407

Technical details about CVE-2026-45407 are not publicly available in the provided documents. Monitor for updates.

5.5 CVSS, 5.8 AI score, 0.00089 EPSS
Exploits: 0, References: 2, Affected Software: 1

EUVD
added 6 days ago, 9 views

EUVD-2026-31395

golang.org/x/crypto/ssh: FIDO/U2F security key physical presence check can be bypassed...

9.1 CVSS, 5.8 AI score, 0.00373 EPSS
Exploits: 0, References: 6

OSV
added 6 days ago, 4 views

GHSA-89GR-R52H-F8RX golang.org/x/crypto/ssh: FIDO/U2F security key physical presence check can be bypassed

The Verify method for FIDO/U2F security key types [email protected], [email protected] did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior,...

9.1 CVSS, 5.8 AI score, 0.00373 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2026/06/22 12:0 a.m., 3 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2026-1896)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1896 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 The RSA and DSA public key parsers did not enforce size limits on key parameters. A...

10 CVSS, 7.1 AI score, 0.03092 EPSS
Exploits: 2, References: 16

Tenable Nessus
added 2026/06/22 12:0 a.m., 5 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-122 (ALASECS-2026-122)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-122 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...

10 CVSS, 6 AI score, 0.03092 EPSS
Exploits: 2, References: 14

Amazon
added 2026/06/08 12:0 a.m., 16 views

Important: docker

Issue Overview: The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated client...

10 CVSS, 5.6 AI score, 0.005 EPSS
Exploits: 0

Amazon
added 2026/06/08 12:0 a.m., 17 views

Important: runfinch-finch

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10 CVSS, 5.8 AI score, 0.005 EPSS
Exploits: 0

Tenable Nessus
added 2026/06/08 12:0 a.m., 9 views

Amazon Linux 2023 : docker (ALAS2023-2026-1783)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1783 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU...

10 CVSS, 6.8 AI score, 0.03092 EPSS
Exploits: 2, References: 16

Tenable Nessus
added 2026/06/08 12:0 a.m., 10 views

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-126 (ALASDOCKER-2026-126)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-126 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...

10 CVSS, 6.9 AI score, 0.03092 EPSS
Exploits: 2, References: 16

Tenable Nessus
added 2026/06/08 12:0 a.m., 13 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-109 (ALASNITRO-ENCLAVES-2026-109)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-109 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused...

10 CVSS, 7 AI score, 0.005 EPSS
Exploits: 0, References: 28

Amazon
added 2026/06/08 12:0 a.m., 8 views

Important: containerd

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10 CVSS, 5.8 AI score, 0.005 EPSS
Exploits: 0

Amazon
added 2026/06/08 12:0 a.m., 14 views

Important: docker

Issue Overview: The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated client...

10 CVSS, 5.6 AI score, 0.005 EPSS
Exploits: 0

RedhatCVE
added 2026/06/05 7:44 p.m., 7 views

CVE-2026-39831

The Verify method for FIDO/U2F security key types [email protected], [email protected] did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior,...

9.1 CVSS, 5.4 AI score, 0.00373 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2026/06/03 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: playstation: Clamp num_touch_reports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4_parse_report will...

8.1 CVSS, 7.2 AI score, 0.00258 EPSS
Exploits: 0, References: 2

SUSE CVE
added 2026/05/29 1:14 a.m., 9 views

SUSE CVE-2026-46232

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp num_touch_reports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4_parse_report will read off the end of the touch_reports array, up to about 2 KiB for the...

6.1 CVSS, 5.7 AI score, 0.00258 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2026/05/28 9:9 p.m., 9 views

CVE-2026-46202

A flaw was found in the Linux kernel's Apple Touch Bar keyboard driver. This vulnerability allows the system to become unstable or crash (kernel panic) when the driver's inactivity autodim feature attempts to acquire a lock from an inappropriate execution context. This can be triggered by a local...

5.5 CVSS, 5.9 AI score, 0.00128 EPSS
Exploits: 0, References: 4

NVD
added 2026/05/28 10:16 a.m., 16 views

CVE-2026-46232

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp num_touch_reports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4_parse_report will read off the end of the touch_reports array, up to about 2 KiB for the...

8.1 CVSS, 0.00258 EPSS
Exploits: 0, References: 5