Lucene search
+L

20533 matches found

CVE
CVE
added 5 days ago9 views

CVE-2026-15767

Summary of CVE-2026-15767 : A heap buffer overflow in libyuv used by Google Chrome on Windows allows remote code execution in the sandbox via a crafted video file. The issue is tied to Chrome prior to version 150.0.7871.125. In the connected advisories, Chrome’s July 2026 Stable Channel update li...

8.8CVSS6.5AI score0.00311EPSS
Exploits0References2Affected Software1
NVD
NVD
added 5 days ago6 views

CVE-2026-54989

Use after free in Quality Windows Audio/Video Experience QWAVE service allows an authorized attacker to elevate privileges locally...

7CVSS0.00204EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-49804

Heap-based buffer overflow in Windows USB Video Driver allows an unauthorized attacker to elevate privileges with a physical attack...

6.6CVSS0.0036EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago25 views

CVE-2026-49804 Windows USB Video Driver Elevation of Privilege Vulnerability

...

6.6CVSS0.0036EPSS
Exploits0References1
CVE
CVE
added 5 days ago6 views

CVE-2026-49804

CVE-2026-49804 describes a heap-based buffer overflow in the Windows USB Video Driver that can allow an unauthorized attacker to elevate privileges via a physical attack. The vulnerability is characterized by a physical attack vector with low exploit complexity and the need for user interaction, ...

6.6CVSS6.2AI score0.0036EPSS
Exploits0References1Affected Software11
Vulnrichment
Vulnrichment
added 5 days ago6 views

CVE-2026-49804 Windows USB Video Driver Elevation of Privilege Vulnerability

...

6.6CVSS6.1AI score0.0036EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago25 views

CVE-2026-54989 Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability

...

7CVSS0.00204EPSS
Exploits0References1
CVE
CVE
added 5 days ago10 views

CVE-2026-54989

CVE-2026-54989 is a use-after-free in the Quality Windows Audio/Video Experience (QWAVE) service that enables a locally authenticated attacker to elevate privileges. The CVSS 3.1 metrics describe a Local attack with High impact on confidentiality, integrity, and availability, requiring LOW privil...

7CVSS6AI score0.00204EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 5 days ago10 views

Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability

Use after free in Quality Windows Audio/Video Experience QWAVE service allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score0.00204EPSS
Exploits0
NVD
NVD
added 5 days ago8 views

CVE-2026-15624

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS0.00209EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago37 views

CVE-2026-15624 nextlevelbuilder GoClaw invoke Endpoint create_video_byteplus.go bytePlusDownloadVideo server-side request forgery

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS0.00209EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-43608

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

9.8CVSS6.4AI score0.00527EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-58730

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description A heap buffer overflow exists in the libyuv library. This issue allows a remote attacker to execute arbitrary code within a sandbox by providing a specially crafted video file...

8.8CVSS6.4AI score0.00328EPSS
Exploits0References19
NVD
NVD
added 6 days ago6 views

CVE-2026-51821

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

9.8CVSS0.00527EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-51821

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

0.00527EPSS
Exploits0References2
CVE
CVE
added 6 days ago7 views

CVE-2026-51821

Affected software: Shenzhou Shihan Video Conference System v1.0. Vulnerability: SQL Injection in the /user/getUserLogin endpoint. Root cause: Unsafely constructed SQL queries allow an attacker to inject arbitrary SQL. Impact: Remote attacker can execute arbitrary code with the system’s privileges...

9.8CVSS6.4AI score0.00527EPSS
Exploits0References2
NVD
NVD
added 2026/07/11 4:17 a.m.7 views

CVE-2026-7544

The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the muxvideoenqueuesettingsscript. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive data...

4.3CVSS0.00237EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/11 2:31 a.m.8 views

EUVD-2026-43128

The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the muxvideoenqueuesettingsscript. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive data...

4.3CVSS6.1AI score0.00237EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/11 2:31 a.m.36 views

CVE-2026-7544 Mux Video Uploader <= 1.1.4 - Authenticated (Subscriber+) Information Exposure

The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the muxvideoenqueuesettingsscript. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive data...

4.3CVSS0.00237EPSS
Exploits0References6
CVE
CVE
added 2026/07/11 2:31 a.m.15 views

CVE-2026-7544

Summary (CVE-2026-7544) : The Mux Video Uploader WordPress plugin (≤ v1.1.4) is vulnerable to Sensitive Information Exposure via muxvideo_enqueue_settings_script. Authenticated users with subscriber-level access or higher can extract sensitive data, including Mux API credentials. The CVE notes th...

4.3CVSS6.1AI score0.00237EPSS
Exploits0References6
Rows per page
Query Builder