Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

229 matches found

SUSE CVE
SUSE CVEadded 2026/06/07 4:49 a.m.7 views

SUSE CVE-2026-10981

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. Chromium security severity: High...

6.5CVSS5.5AI score0.00036EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/06/07 4:46 a.m.6 views

SUSE CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00106EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/06/07 4:42 a.m.6 views

SUSE CVE-2026-11198

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00106EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/05 12:31 a.m.7 views

EUVD-2026-34430

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. Chromium security severity: High...

5.8AI score0.00036EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/05 12:31 a.m.7 views

EUVD-2026-34415

Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...

5.8AI score0.00087EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/06/04 11:4 p.m.5 views

CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

5.5AI score0.00106EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/02 12:0 a.m.8 views

PT-2026-46510

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted video file...

9.6CVSS5.8AI score0.04819EPSS
Exploits0References434
Cvelist
Cvelistadded 2026/05/28 10:25 p.m.31 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

0.00012EPSS
Exploits0References2
CVE
CVEadded 2026/05/14 7:52 p.m.10 views

CVE-2026-8573

Google Chrome on Windows is affected by CVE-2026-8573 due to an integer overflow in Codecs, enabling a remote attacker to potentially escape the sandbox via a crafted video file. Affected versions are Windows builds prior to 148.0.7778.168; remediation is to update to 148.0.7778.168 or newer. Chr...

8.3CVSS5.9AI score0.00086EPSS
Exploits0References2Affected Software1
Snyk
Snykadded 2026/05/14 7:16 p.m.5 views

Division by zero

Overview Affected versions of this package are vulnerable to Division by zero in the qtdemuxaudiocaps function of the isomp4 plugin when parsing MP4 audio tracks. An attacker can cause a denial of service by supplying crafted atom data that triggers an integer division by zero. Remediation A fix...

9.1CVSS5.8AI score0.00039EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/05/12 12:0 a.m.5 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a buffer overflow vulnerability, which was caused by an out-of-bounds write issue in the Codecs component. This vulnerability could allow remote attackers to execute a sandbox escap...

8.3CVSS6.2AI score0.00092EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/05/05 8:41 a.m.5 views

nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...

8.5CVSS7.7AI score0.00026EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/23 4:12 p.m.2 views

CVE-2026-6921

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

5.8AI score0.00028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/09 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2026-5910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

8.8CVSS7.4AI score0.00094EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/16 12:24 a.m.4 views

CVE-2025-70299

A heap overflow in the aviparseinputfile function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted AVI file...

6.5CVSS7AI score0.00018EPSS
Exploits1References1
CVE
CVEadded 2026/01/15 12:0 a.m.14 views

CVE-2025-70303

CVE-2025-70303 concerns GPAC v2.4.0, where the uncv_parse_config() function is vulnerable to a heap overflow (CNVD and Red Hat listings corroborate as a DoS risk). Exploitation involves processing a crafted MP4 file, leading to denial of service. Connected sources consistently describe a DoS outc...

5.5CVSS6.6AI score0.00007EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2025/11/24 1:16 p.m.3 views

CVE-2025-41016

Inadequate access control vulnerability in Davantis DFUSION v6.177.7, which allows unauthorised actors to extract images and videos related to alarm events through access to “/alarms//”, where the “MEDIA” parameter can take the value of “snapshot” or “video.mp4”. These media files contain images...

8.7CVSS0.00058EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/11/06 10:8 p.m.2 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

6.1AI score0.0003EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2025/11/06 10:8 p.m.7 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

6.3CVSS8.4AI score0.0003EPSS
Exploits0
GithubExploit
GithubExploitadded 2025/10/18 11:36 a.m.89 views

0-DAY

0-DAYzero-day !Repo Statushttps://img.shields.io/badge/...

5.8AI score
Exploits0
Rows per page
Query Builder