Lucene search
K

4819 matches found

EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-42242

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added yesterday3 views

PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-54424

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS6AI score0.00245EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

7-Zip <= 26.02 Mark-of-the-Web Bypass (CVE-2026-58052)

The version of 7-Zip installed on the remote Windows host is 26.02 or earlier. It is, therefore, affected by a vulnerability: - 7-Zip for Windows fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier...

4.8CVSS6.1AI score0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

0.00148EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.23 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00263EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00263EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.22 views

CVE-2026-14391

Integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40530

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

5.8AI score0.00109EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-13925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specifi...

7.5CVSS6.4AI score0.00354EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS0.00239EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14010

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14010

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00302EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14094

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

0.00089EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.15 views

CVE-2026-14094

Summary (CVE-2026-14094) : A use-after-free flaw in the Chrome Windows Installer component allows a local attacker to escalate to OS-level privileges by loading a malicious file. Affected software: Google Chrome on Windows (prior to version 150.0.7871.47). Root cause: use-after-free in the Instal...

7.8CVSS5.8AI score0.00089EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.21 views

CVE-2026-13844

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

0.00109EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.4 views

CVE-2026-13787

Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS6.2AI score0.00393EPSS
Exploits0
CVE
CVE
added 2026/06/25 3:39 p.m.16 views

CVE-2026-4522

Technical details are not publicly available in the provided documents for CVE-2026-4522. No specifics on affected components, root cause, impact, or remediation are provided; monitor for updates.

6.7CVSS5.9AI score0.00123EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Tridium Niagara Use of Incorrectly-Resolved Name or Reference (CVE-2025-3941)

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise...

9.8CVSS7.6AI score0.0047EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 8:4 a.m.34 views

CVE-2026-10745

Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging. This issue affects upKeeper Instant Privilege Access: through 1.6.1...

7.9CVSS0.00264EPSS
Exploits0References1
Rows per page
Query Builder