Lucene search
+L

16485 matches found

OSV
OSV
added 2026/06/30 11:16 p.m.3 views

DEBIAN-CVE-2026-13846

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.33 views

CVE-2026-13951

Insufficient policy enforcement in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00278EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13951

Insufficient policy enforcement in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00278EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00224EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.0028EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.31 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00224EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13846

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00316EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.20 views

CVE-2026-13846

CVE-2026-13846 affects Google Chrome on macOS, caused by a use-after-free in USB handling that could allow a sandbox escape when a renderer process is compromised and a crafted HTML page is loaded. Impact described as high/highest severity; no exploitation details are provided in the source docum...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.28 views

CVE-2026-13846

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00316EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 9:15 a.m.5 views

SUSE-SU-2026:2697-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.15 views

SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...

6.8CVSS6.3AI score0.00296EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

Oracle Linux 9 : kernel (ELSA-2026-24381)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24381 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.13 views

Oracle Linux 9 : kernel (ELSA-2026-25217)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25217 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits15References12
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 10:16 p.m.12 views

CVE-2026-10647

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS0.00134EPSS
Exploits1References2
CVE
CVE
added 2026/06/29 9:39 p.m.21 views

CVE-2026-10647

The CVE concerns the USB CDC-NCM driver (subsys/usb/device_next/class/usbd_cdc_ncm.c) in Zephyr. The code ignores the return value of usbd_ep_enqueue() in cdc_ncm_send(); when enqueue fails, it still calls k_sem_take(&data-sync_sem, K_FOREVER), waiting on a completion that is only signaled from t...

5.3CVSS6.2AI score0.00134EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/06/29 4:16 p.m.12 views

CVE-2026-13583

A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such manipulation of the argument ShareName/SelectName leads to buffer overflow. The attack may be performed from remote. The...

9CVSS0.00445EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 3:45 p.m.6 views

EUVD-2026-40131

A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such manipulation of the argument ShareName/SelectName leads to buffer overflow. The attack may be performed from remote. The...

9CVSS7.6AI score0.00445EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 3:45 p.m.21 views

CVE-2026-13583

Edimax EW-7478APC (firmware 1.04) contains a buffer overflow in the POST handler: formUSBFolder (/goform/formUSBFolder) via manipulation of ShareName/SelectName. The issue is exploitable remotely, with exploit disclosed publicly; no remediation details are provided in the supplied documents.

9CVSS7.6AI score0.00445EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 3:30 p.m.7 views

CVE-2026-13582

A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. This manipulation of the argument UserName/Password causes buffer overflow. The attack is possible to be carried out remotely...

9CVSS7.7AI score0.00455EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder