7036 matches found
DEBIAN-CVE-2026-13882
Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13880
Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13882
Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11541
creationtimestamp| type| source ---|---|--- 2026-06-30 22:41:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpk34s2k5x2u 2026-07-01 02:51:56+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mpkj56ehry2l 2026-07-02 01:31:56+00:00| seen|...
CVE-2026-14083
Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13880
Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13882
CVE-2026-13882 describes a race in USB handling in Google Chrome before 150.0.7871.47 that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue is documented across NVD, Debian, EUVD, and other feeds with a consistent desc...
CVE-2026-13880
Google Chrome for macOS prior to 150.0.7871.47 is affected by CVE-2026-13880 due to a use-after-free in USB handling that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue affects Chrome on Mac, with the mitigation bein...
PT-2026-54123
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the USB component of Google Chrome on Mac. This flaw allows a remote attacker who has already compromised the renderer process to potentially achieve a...
PT-2026-54159
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the USB component allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape. This is triggered through the us...
CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
CVE-2026-13437
CVE-2026-13437 affects Devolutions PowerShell Universal 2026.2.0. An attacker with AI Agent read access can exploit the AI Agent job API to receive App Tokens serialized in plaintext within API responses, enabling retrieval of reusable authentication tokens with potential higher privilege. The un...
CVE-2026-13437
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...
PT-2026-53303
Name of the Vulnerable Software and Affected Versions Devolutions PowerShell Universal version 2026.2.0 Description An information disclosure issue exists in the AI Agent job API. An authenticated user with AI Agent read access can obtain reusable, potentially higher-privileged authentication...
CVE-2026-13487
creationtimestamp| type| source ---|---|--- 2026-06-28 13:22:36+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mpe2y3obci2v 2026-06-28 14:35:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpe72l5y2323 2026-06-29 19:46:18+00:00| seen|...
USB: serial: io_ti: fix heap overflow in get_manuf_info()
...
USB: serial: kl5kusb105: fix bulk-out buffer overflow
...
CVE-2026-53037
A flaw was found in the Linux kernel's USB Human Interface Device HID subsystem. This vulnerability occurs when a USB device, containing both HID and storage or Universal Attached SCSI UAS components, is reset. During the reset process, memory allocation operations within the hidpostreset functio...
CVE-2026-57924
creationtimestamp| type| source ---|---|--- 2026-06-26 14:18:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp756gpb7h27...
CVE-2026-53194
A flaw was found in the Linux kernel's kl5kusb105 USB serial driver. This buffer overflow vulnerability allows a local attacker to write data beyond the intended memory boundary if attacker controls USB device or driver, because triggered from the internals of the device. By sending a specially...