Lucene search
K
AttackerkbRecent

74667 matches found

ATTACKERKB
ATTACKERKB
added 1 hour ago4 views

CVE-2026-15738

Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this...

8.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24272

NVIDIA TensorRT contains a vulnerability where an attacker might cause an overflow to a heap-based buffer. A successful exploit of this vulnerability might lead to code execution...

7.8CVSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-24268

NVIDIA TensorRT contains a vulnerability where an attacker might cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution...

7.8CVSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24238

NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution...

7.8CVSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24227

NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution...

5.3CVSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15777

Use after free in UI in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15776

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-15778

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15775

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15774

Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-15773

Use after free in Core in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-15771

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15772

Use after free in GPU in Google Chrome on Android prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15769

Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15770

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15766

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15767

Heap buffer overflow in libyuv in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. Chromium security severity: High...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15764

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15765

Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24271

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API, where an attacker could cause allocation of GPU resources without limits or throttling. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-47475

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API where an attacker could trigger a reachable assertion in the sampler thread. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-47470

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service...

6.2CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-24226

NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...

6.3CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24259

NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause missing authentication for a critical function. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...

6.4CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24220

NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an unsafe deserialization by unauthorized zeroMQ deserialization. A successful exploit of this vulnerability might lead to code execution...

6.4CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24234

NVIDIA TensorRT-LLM for Linux contains a vulnerability in the multimodal media fetching functions, where a network-accessible attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to denial of service and information disclosure...

6.8CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24229

NVIDIA TensorRT-LLM for Linux contains a vulnerability in the disaggregated orchestrator component, where an attacker could read, write, or delete internal cluster state by sending requests to the FastAPI server. A successful exploit of this vulnerability might lead to information disclosure, dat...

7.3CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-15643

AWS HealthLake MCP Server awslabs.healthlake-mcp-server is a Model Context Protocol server that enables AI assistants to interact with AWS HealthLake FHIR datastores. A server-side request forgery in the pagination handling component in AWS awslabs.healthlake-mcp-server before 0.0.14 on all...

9.2CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-47473

NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, and information disclosure...

7.4CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-47471

NVIDIA TensorRT-LLM for any platform contains a vulnerability in tensor deserialization, where an attacker could cause a heap based buffer overflow. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago3 views

CVE-2026-47472

NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer where an attacker with local same-user access could cause deserialization. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, and denial of service...

7.8CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 1 hour ago2 views

CVE-2026-24233

NVIDIA TensorRT-LLM for Linux contains a vulnerability in the restricted unpickler used for model weight deserialization, where a local, unauthenticated attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of...

8.4CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-47423

DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. In 3.4.4, DOMPurify allowed selectedcontent by default, allowing browsers to re-clone an XSS payload after sanitization so that unsanitized markup inside is returned. This issue is fixed in version 3.4.5...

8.2CVSS0.00035EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2 hours ago3 views

CVE-2026-47736

Puma is a Ruby/Rack web server built for parallelism. From 5.5.0 until 7.2.1 and 8.0.2, when PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer while waiting for CRLF to determine whether a PROXY v1 line is present, allowing an attacker that continuously sends...

7.5CVSS0.0007EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2 hours ago3 views

CVE-2026-15714

An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soupmultipartinputstreamreadheaders function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When...

6.5CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-47482

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause missing release of memory after effective lifetime. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-47481

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an authentication bypass through an alternative path or channel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data...

6.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-47480

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an uncaught exception. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-47479

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-47478

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause the use of an expired file descriptor. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-15713

A vulnerability was found in libsoup's HTTP/2 protocol implementation. The library fails to correctly release memory context blocks under specific stream termination conditions, such as when an HTTP/2 connection encounters window exhaustion or explicit stream resets. A remote, unauthenticated...

5.9CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-15711

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames e.g., PING, PONG, CLOSE contain a payload of 125 bytes or less. A remote, unauthenticated attacker...

7.5CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 hours ago3 views

CVE-2026-47737

Puma is a Ruby/Rack web server built for parallelism. From 5.5.0 until 7.2.1 and 8.0.2, Puma is vulnerable to source IP spoofing when setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used because Puma incorrectly re-parses PROXY protocol headers after each keep-alive...

7.5CVSS0.00015EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2 hours ago3 views

CVE-2026-47477

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a stack-based buffer overflow. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago3 views

CVE-2026-47476

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-15410

Post-authentication improper control of generation of code 'Code Injection' vulnerability has been identified in the SMA1000 Appliance Management Console AMC which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands...

Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-15709

A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop inflate processes data in chunks without enforcing an upper boundary limit on the output buffer size. While libsoup limits the incoming compressed frame size via...

7.5CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-15409

A Server-side request forgery SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location...

Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2 hours ago3 views

CVE-2026-13001

The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'podlovehandlecachefiles' function in all versions up to, and including, 4.5.1. This makes it possible for unauthenticated attackers to upload arbitrary files on t...

9.8CVSS
Exploits0References5
Total number of security vulnerabilities74667