Lucene search
K

209 matches found

OSV
OSV
added 4 days ago2 views

DEBIAN-CVE-2026-14032

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

8.1CVSS6.1AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago22 views

CVE-2026-14108

Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

0.00259EPSS
Exploits0References2
CVE
CVE
added 4 days ago10 views

CVE-2026-14093

Summary: A use-after-free in the Cast component of Google Chrome, affecting versions prior to 150.0.7871.47, can allow a compromised renderer process to potentially escape the sandbox via a crafted HTML page. Affected software: Google Chrome (Cast component) on all platforms where the vulnerable ...

9.6CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.6 views

SUSE SLES15 Security Update : openssl-3-livepatches (SUSE-SU-2026:2662-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2662-1 advisory. This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC...

9.8CVSS6.4AI score0.47621EPSS
Exploits7References14
NVD
NVD
added 2026/06/25 9:16 a.m.4 views

CVE-2026-53161

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP responses. When the user closes the file descriptor, fastrpcdevicerelease fre...

7.8CVSS0.00135EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Google Chrome < 149.0.7827.200 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.200. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop01245939337 advisory. - Use after free in AdFilter. CVE-2026-13283 - Integer overflow in...

8.3CVSS5.9AI score0.00229EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

RockyLinux 9 : kernel (RLSA-2026:27789)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27789 advisory. kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished...

9.8CVSS7.1AI score0.004EPSS
Exploits9References35
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, there was a race in the serial channel IRP thread tracking that allowed for a heap use-after-free condition when one thread removed an entry from serial-IrpThreads while another read it. This vulnerability h...

8.1CVSS5.8AI score0.00286EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/24 12:0 a.m.17 views

CVE-2025-60468

GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service local. The component is: filtercore/filterpid.c L:574-580: function gffilterpidinstswapdeletetask improperly accesses freed objects...

0.0013EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.19 views

Google Chrome < 149.0.7827.196 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.196. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0482630350 advisory. - Use after free in Autofill. CVE-2026-13038 - Use after free in WebG...

9.6CVSS5.8AI score0.0026EPSS
Exploits1References37
Cvelist
Cvelist
added 2026/06/23 4:5 p.m.33 views

CVE-2026-56113 dhcpcd Heap Use-After-Free in dhcp6_deprecateaddrs via DHCPv6 RENEW

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6CVSS0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 87.0.4280.88, using free memory in the clipboard in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

9.3CVSS8.1AI score0.0124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF Use-After-Free issue caused by a race condition involving ref-proc. A transaction of type BINDERTYPEWEAKHANDLE may fail to increment the reference count of a node. In this case, the target proc normally releas...

7CVSS5.6AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a UAF in jfsevictinode When the execution of diMountipimap fails, the object ipimap that has been released may be accessed in diFreeSpecial. Asynchronous release of ipimap occurs when rcucore calls jfsfreenode...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free flaw was discovered in the ext4remount function in the fs/ext4/super.c file within ext4 in the Linux kernel. This flaw allows a local user to cause an information leak issue when freeing the old quota file names before a potential failure, resulting in a use-after-free condition...

7.1CVSS6.7AI score0.00225EPSS
Exploits0References2
OSV
OSV
added 2026/06/16 12:0 a.m.4 views

ALSA-2026:26275 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Use After Free with SSLfreebuffers CVE-2024-4741 openssl: Heap Use-After-Free in OpenSSL...

8.8CVSS6.8AI score0.02945EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.28 views

CVE-2025-55644

A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00188EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2025-55650

A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.2AI score0.00188EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49271

A heap use-after-free in the gf node get tag function scenegraph/base scenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.3AI score0.00188EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 12:31 a.m.7 views

EUVD-2026-36349

Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00191EPSS
Exploits0References3
Rows per page
Query Builder