Lucene search
K

417518 matches found

EUVD
EUVD
added 2 days ago3 views

EUVD-2026-41161

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score0.00265EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41171

Integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.9AI score0.00233EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41191

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41182

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00189EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41195

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

9.6CVSS6.2AI score0.00307EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41173

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.9AI score0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41184

Out of bounds write in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41194

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00224EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41205

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41172

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.9AI score0.00276EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41179

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00263EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41167

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41166

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-41158

Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0019EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41160

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00319EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41197

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41180

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00263EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41165

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00276EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41157

Inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. Chromium security severity: Medium...

5.8AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41203

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00281EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41216

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41225

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub448384 component...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41224

SQL Injection vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to execute arbitrary code via the gohead/sub463bbc component...

9.8CVSS6.2AI score0.00527EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41159

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00348EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-41163

Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41177

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00263EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41219

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41217

An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41155

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

6.1AI score0.00327EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41218

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41221

An improper input validation in the gazeborosdiffdrive.cpp component of gazeboplugins v3.9.0 allows attackers to cause a Denial of Service DoS via supplying a crafted geometrymsgs::Twist message...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41213

Craft CMS is a content management system CMS. In versions 5.9.0 and above prior to 5.10.0, control panel users with the ability to edit entries can execute unsandboxed Twig code via the HTTP Referrer header, potentially leading to authenticated RCE. The issue happens when a user is saving entries...

8.7CVSS5.8AI score0.00293EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41212

Craft CMS is a content management system CMS. In versions starting from 4.0.0-RC1 and prior to 4.18.0, and 5.0.0-RC1 and above, prior to 5.10.0, the dataUrl Twig function is included in Craft’s Twig sandbox allowlist, allowing any control panel user granted the utility:system-messages permission ...

6CVSS5.8AI score0.00268EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41209

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types...

7.4CVSS5.8AI score0.00311EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-39027

Ghost: Cache-poisoning XSS in Ghost frontend via x-ghost-preview header...

9.6CVSS5.8AI score0.00244EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41153

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under th...

5.9CVSS5.7AI score0.00412EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago54 views

EUVD-2026-32710

Keycloak has privilege escalation via improper scope mapping enforcement...

7.3CVSS5.8AI score0.00292EPSS
Exploits0References12
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41152

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.27.0, the RMI context propagation payload reader limits the number of context entries but does not limit the aggregate size of the strings read from the...

5.3CVSS5.8AI score0.00238EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41151

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0, the JDBC auto-instrumentation may fail to sanitize passwords in SQL CONNECT statements when the password is double-quoted. As a result, clear-text...

6.5CVSS5.7AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41150

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting XSS vulnerability exists on the dynamic image URL generator view within the Wagtail admin interface. A user with a limited-permission editor account for...

7.3CVSS5.5AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41149

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, a low-level user with the "Can submit translation" permission can create translations for any page, including those they do not have permissions for. This issue has been fixed in...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-41148

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, due to a missing permission check on the image preview endpoint, a user with access to the Wagtail admin can preview any image. The existing data of the image object itself is not...

6.5CVSS5.6AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41147

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, the Documents and Images chooser's chosen endpoint incorrectly listed items for which the user has not been granted choose permission. A user with access to the Wagtail admin could se...

4.3CVSS5.6AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41146

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, an authenticated admin user can trigger expensive rendition processing with purposefully crafted filter specs resulting in potentially service degradation. The vulnerability is not...

4.3CVSS5.6AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41145

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App installation to perform certain write operations on public repositories outside the token's intended scope. This was possible because the authorization...

5.3CVSS5.8AI score0.00284EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41144

Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. In versions prior to 6.2.2, the "Insert media from web" functionality in the CMS is vulnerable to XSS from a specially crafted embed. This issue was fixed in version 6.2.2/...

5.4CVSS5.8AI score0.00263EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41143

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS5.7AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-40130

Rancher has Privilege Escalation from Project Owner to Host...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References4
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40297

Rancher has over-inclusive team membership expansion in GitHub App authentication provider...

8.8CVSS5.8AI score0.0037EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41142

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8CVSS6.1AI score0.0017EPSS
Exploits0References1
Total number of security vulnerabilities417518