
60484 matches found

Snyk
added 2026/03/20 2:41 a.m., 5 views

Directory Traversal

Overview org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...

8.2 CVSS | 6.4 AI score | 0.00385 EPSS
Exploits 0 | References 2
OSV
added 2026/03/20 2:16 a.m., 4 views

DEBIAN-CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS | 5.5 AI score | 0.00281 EPSS
Exploits 0 | References 1
NVD
added 2026/03/20 2:16 a.m., 4 views

CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS | 0.00281 EPSS
Exploits 0 | References 2
CVE
added 2026/03/20 1:34 a.m., 13 views

CVE-2026-4459

Chrome WebAudio: CVE-2026-4459 - Out-of-bounds read/write in WebAudio before 146.0.7680.153 may enable remote heap corruption via a crafted HTML page. Impact described as high severity with potential for total impact; exploit requires user interaction and network access. Google Chrome has release...

8.8 CVSS | 5.8 AI score | 0.00281 EPSS
Exploits 0 | References 2 | Affected Software 1
ATTACKERKB
added 2026/03/20 1:34 a.m., 4 views

CVE-2026-4459

Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.8 AI score | 0.00281 EPSS
Exploits 0 | References 3 | Affected Software 1
AlpineLinux
added 2026/03/20 1:34 a.m., 3 views

CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS | 5.8 AI score | 0.00281 EPSS
Exploits 0
ATTACKERKB
added 2026/03/20 1:34 a.m., 5 views

CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.8 AI score | 0.00281 EPSS
Exploits 0 | References 3 | Affected Software 1
CVE
added 2026/03/20 1:34 a.m., 19 views

CVE-2026-4450

CVE-2026-4450 is a vulnerability in Google Chrome’s V8 engine. It describes an out-of-bounds write in V8 prior to 146.0.7680.153 that could enable a remote attacker to cause heap corruption via a crafted HTML page. The issue affects Chrome releases using the affected V8, with a high severity (CVS...

8.8 CVSS | 5.8 AI score | 0.00281 EPSS
Exploits 0 | References 2 | Affected Software 1
Debian CVE
added 2026/03/20 1:34 a.m., 4 views

CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS | 5.5 AI score | 0.00281 EPSS
Exploits 0
Cvelist
added 2026/03/20 1:34 a.m., 19 views

CVE-2026-4440

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

0.00324 EPSS
Exploits 0 | References 2
Vulnrichment
added 2026/03/20 1:34 a.m., 4 views

CVE-2026-4440

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

6 AI score | 0.00324 EPSS
Exploits 0 | References 2
EUVD
added 2026/03/20 1:34 a.m., 2 views

EUVD-2026-13447

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

8.8 CVSS | 5.9 AI score | 0.00324 EPSS
Exploits 0 | References 2
ATTACKERKB
added 2026/03/20 1:34 a.m., 2 views

CVE-2026-4440

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

5.9 AI score | 0.00324 EPSS
Exploits 0 | References 3 | Affected Software 1
Debian CVE
added 2026/03/20 1:34 a.m., 4 views

CVE-2026-4440

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

8.8 CVSS | 5.9 AI score | 0.00324 EPSS
Exploits 0
Cvelist
added 2026/03/20 1:26 a.m., 20 views

CVE-2026-32711 pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root

pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...

7.8 CVSS | 0.00279 EPSS
Exploits 1 | References 3
NVD
added 2026/03/20 1:15 a.m., 4 views

CVE-2026-32771

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

9.8 CVSS | 0.00655 EPSS
Exploits 1 | References 3
SUSE CVE
added 2026/03/20 12:29 a.m., 4 views

SUSE CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

8.2 CVSS | 5.9 AI score | 0.00354 EPSS
Exploits 0 | References 3
ATTACKERKB
added 2026/03/20 12:29 a.m., 4 views

CVE-2026-32771

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

8.8 CVSS | 5.8 AI score | 0.00655 EPSS
Exploits 1 | References 4 | Affected Software 1
CVE
added 2026/03/20 12:29 a.m., 12 views

CVE-2026-32771

Summary of CVE-2026-32771 (CTFer.io Monitoring): In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go is vulnerable to a path traversal flaw caused by a missing trailing path separator in a strings.HasPrefix check. This allows an attacker to craft archives that ...

9.8 CVSS | 5.8 AI score | 0.00655 EPSS
Exploits 1 | References 3 | Affected Software 1
OSV
added 2026/03/20 12:29 a.m., 5 views

CVE-2026-32771 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

8.8 CVSS | 6.3 AI score | 0.00655 EPSS
Exploits 1 | References 5