Lucene search
K

2325 matches found

EUVD
EUVD
added 21 hours ago5 views

EUVD-2026-40566

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
EUVD
EUVD
added 21 hours ago3 views

EUVD-2026-40532

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 22 hours ago5 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
NVD
NVD
added yesterday5 views

CVE-2026-13951

Insufficient policy enforcement in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
OSV
OSV
added yesterday2 views

DEBIAN-CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS
Exploits0References2
Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score
Exploits0
CVE
CVE
added yesterday7 views

CVE-2026-13880

Google Chrome for macOS prior to 150.0.7871.47 is affected by CVE-2026-13880 due to a use-after-free in USB handling that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue affects Chrome on Mac, with the mitigation bein...

9.6CVSS5.8AI score
Exploits0References2Affected Software1
CVE
CVE
added yesterday7 views

CVE-2026-13882

CVE-2026-13882 describes a race in USB handling in Google Chrome before 150.0.7871.47 that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue is documented across NVD, Debian, EUVD, and other feeds with a consistent desc...

9.6CVSS5.8AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago26 views

CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS0.00126EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 4 days ago9 views

USB: serial: io_ti: fix heap overflow in get_manuf_info()

...

7.8CVSS5.8AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago6 views

USB: serial: kl5kusb105: fix bulk-out buffer overflow

...

7.8CVSS5.8AI score0.00146EPSS
Exploits0
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-53037

A flaw was found in the Linux kernel's USB Human Interface Device HID subsystem. This vulnerability occurs when a USB device, containing both HID and storage or Universal Attached SCSI UAS components, is reset. During the reset process, memory allocation operations within the hidpostreset functio...

5.5CVSS5.7AI score0.00176EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 5 days ago11 views

CVE-2026-53194

A flaw was found in the Linux kernel's kl5kusb105 USB serial driver. This buffer overflow vulnerability allows a local attacker to write data beyond the intended memory boundary if attacker controls USB device or driver, because triggered from the internals of the device. By sending a specially...

7.8CVSS6AI score0.00146EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 5 days ago7 views

CVE-2026-53195

A flaw was found in the USB: serial: ioti module of the Linux kernel. The buildi2cfwhdr function allocates a fixed-size buffer but copies data into it without properly validating the input length from the firmware header. This oversight allows an attacker to provide a crafted firmware image,...

7CVSS6.7AI score0.00203EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-53107

A flaw was found in the Linux kernel's Wi-Fi Libertas driver. This issue occurs when the system attempts to terminate USB Request Blocks URBs from an interrupt context, which can lead to the system attempting to sleep in an inappropriate context. This can cause system instability or prevent furth...

5.8AI score0.00155EPSS
Exploits0References4
OSV
OSV
added 6 days ago2 views

UBUNTU-CVE-2026-53196

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

7CVSS5.9AI score0.00155EPSS
Exploits0References11
EUVD
EUVD
added 6 days ago3 views

EUVD-2026-39286

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

6AI score0.00203EPSS
Exploits0References8
CVE
CVE
added 6 days ago13 views

CVE-2026-53195

In the Linux kernel USB serial driver io_ti, CVE-2026-53195 describes a heap-overflow in build_i2c_fw_hdr(). The function allocates a fixed buffer ((16*1024 - 512) + sizeof(struct ti_i2c_firmware_rec)) and then copies img_header->Length bytes without validating that Length fits into the remain...

6AI score0.00203EPSS
Exploits0References8
Rows per page
Query Builder