Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-10645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In...

5.5CVSS6.2AI score0.00205EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 11:48 p.m.7 views

CVE-2026-10645

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In ext2fetchdirentry subsys/fs/ext2/ext2diskops.c, the code only checks denamelen = EXT2MAXFILENAME and then copies the name with memcpy...

4.9CVSS6.1AI score0.00205EPSS
Exploits1References2
OSV
OSV
added 2026/06/04 11:17 p.m.9 views

DEBIAN-CVE-2026-11237

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

8.3CVSS5.5AI score0.00194EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11041

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:3 p.m.28 views

CVE-2026-10917

CVE-2026-10917 affects Google Chrome (Media component) prior to version 149.0.7827.53. The root cause is insufficient validation of untrusted input in Media, which could allow a remote attacker who has compromised the renderer process to attempt a sandbox escape via a crafted HTML page. The linke...

8.3CVSS5.8AI score0.00305EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.36 views

CVE-2026-7905

Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.0022EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/15 7:18 p.m.8 views

CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5CVSS6.1AI score0.00437EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/09 12:32 a.m.10 views

EUVD-2026-20695

Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.3AI score0.00289EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/18 1:34 a.m.3 views

CVE-2026-22171 OpenClaw < 2026.2.19 - Path Traversal in Feishu Media Temporary File Naming

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the clien...

8.8CVSS5.9AI score0.00339EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/18 1:34 a.m.6 views

EUVD-2026-12714

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the clien...

8.8CVSS5.9AI score0.00339EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/18 1:34 a.m.26 views

CVE-2026-22171 OpenClaw < 2026.2.19 - Path Traversal in Feishu Media Temporary File Naming

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the clien...

8.8CVSS0.00339EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/16 2:19 p.m.6 views

CVE-2026-2920

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS6.8AI score0.00773EPSS
Exploits0References5
Rows per page
Query Builder