VIR Vulnerability Intelligence Relay

Search

Found 1,278 results in 150ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-6319 high 7.5 7.5 FIX debian debian google 2mo ago Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted…
CVE-2026-6318 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-6363 high 8.8 8.8 FIX debian debian google 2mo ago Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-6316 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6311 high 8.3 8.3 FIX debian debian google 2mo ago Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…
CVE-2026-6310 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 2mo ago Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-6305 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
CVE-2026-6303 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6358 high 8.8 8.8 FIX debian debian google 2mo ago Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Critic…
CVE-2026-6297 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 2mo ago Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi…
CVE-2026-31419 high 7.8 7.8 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast() reuses the original skb for the last slave (deter…
CVE-2026-4878 high 7.0 7.0 FIX rheldebian debian sles libcap_projectredhatgoogle 2mo ago A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to…
CVE-2026-27135 high 7.5 7.5 FIX rocky rhel sles nghttp2google 2mo ago RHSA-2026:8339: nodejs:20 security update (Important)
CVE-2026-5915 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 2mo ago Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium secur…
CVE-2026-5914 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Ext…
CVE-2026-5913 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 2mo ago Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-5912 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2mo ago Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-5910 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
CVE-2026-5909 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
CVE-2026-5908 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
CVE-2026-5883 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2mo ago Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-5879 high 8.8 8.8 FIX debian debianmacos macos google 2mo ago Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chrom…
CVE-2026-5865 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5863 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
CVE-2026-5860 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 2mo ago Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-35611 high 8.0 slesdebian debian google 2mo ago Addressable has a Regular Expression Denial of Service in Addressable templates
CVE-2026-31789 critical 9.8 9.8 FIX slesdebian debian opensslgoogle 2mo ago Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a cr…
CVE-2026-28390 high 7.5 7.5 FIX slesdebian debian rhel opensslgoogle 2mo ago Moderate: openssl security update
CVE-2026-28389 high 7.5 7.5 FIX slesdebian debian opensslgoogle 2mo ago Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlle…
CVE-2026-28388 high 7.5 7.5 FIX debian debian opensslgoogle 2mo ago Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A …
CVE-2026-28387 high 8.1 8.1 FIX slesdebian debian opensslgoogle 2mo ago Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-…
CVE-2026-31407 high 7.1 7.1 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. The…
CVE-2026-31403 high 7.8 7.8 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module ini…
CVE-2026-23458 high 7.8 7.8 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->dat…
CVE-2026-5272 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2mo ago Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-23171 high 7.8 7.8 FIX rhel sles rocky google 2mo ago Moderate: kernel security update
CVE-2026-34040 high 8.0 FIX debian debian sles google 2mo ago Moby has AuthZ plugin bypass when provided oversized request bodies
CVE-2025-61731 high 8.0 FIX rocky rheldebian debian google 2mo ago Important: golang security update
CVE-2026-33210 high 8.0 FIX rheldebian debianalmalinux almalinux google 3mo ago Important: ruby:4.0 security update
CVE-2026-23269 high 7.1 7.1 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes int…
CVE-2026-23268 high 7.8 7.8 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remov…
CVE-2026-23245 high 7.8 7.8 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump p…
CVE-2026-2219 high 7.5 7.5 FIX debian debian sles debiangoogle 3mo ago It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, wh…
CVE-2025-61732 high 8.0 FIX rocky rheldebian debian google 4mo ago A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
CVE-2025-61728 high 8.0 FIX rocky rheldebian debian google 4mo ago archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously construct…
CVE-2026-0994 high 8.0 rhel sles rocky google 4mo ago Important: protobuf security update
CVE-2025-61729 high 8.0 FIX rocky rheldebian debian google 5mo ago Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string con…
CVE-2026-21932 high 7.4 7.4 FIX slesdebian debian oraclegoogle 5mo ago Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT, JavaFX). Supported versions that are affected are Oracle Jav…
CVE-2025-38584 high 7.8 7.8 FIX slesdebian debian linux-kernel google 10mo ago In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A refe…
CVE-2025-47907 high 8.0 rheldebian debian sles google 10mo ago Incorrect results returned from Rows.Scan in database/sql
CVE-2025-4674 high 8.0 FIX rhel rockydebian debian google 10mo ago Important: golang security update
CVE-2025-22866 high 8.0 FIX rheldebian debian sles google 1y ago Important: delve and golang security update
CVE-2014-1745 high 7.1 7.1 FIX sles rhel rocky google 2y ago Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other…
CVE-2022-42004 high 8.0 FIX rocky slesdebian debian google 4y ago Uncontrolled Resource Consumption in FasterXML jackson-databind
CVE-2022-42003 high 8.0 FIX rocky slesdebian debian google 4y ago Uncontrolled Resource Consumption in Jackson-databind
CVE-2022-38750 high 8.0 FIX rocky slesdebian debian google 4y ago snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
CVE-2022-38749 high 8.0 FIX rocky slesdebian debian google 4y ago snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
CVE-2022-25647 high 7.5 7.5 FIX slesdebian debian googlenetapporacle 4y ago Deserialization of Untrusted Data in Gson
CVE-2021-39156 high 8.0 FIX arch arch google 5y ago Istio Fragments in Path May Lead to Authorization Policy Bypass
CVE-2021-39155 high 8.0 FIX arch arch google 5y ago Authorization Policy Bypass Due to Case Insensitive Host Comparison
CVE-2019-13721 high 8.8 8.8 FIX arch archdebian debian google 7y ago Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5122 high 8.8 8.8 FIX arch archdebian debian google 9y ago arbitrary code execution in chromium
CVE-2017-5121 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago arbitrary code execution in chromium
CVE-2017-5116 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5115 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5114 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5113 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5112 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5111 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5108 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5100 high 8.8 8.8 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5099 high 8.8 8.8 FIX arch arch linux-kerneldebian debian google 9y ago multiple issues in chromium
CVE-2017-5098 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5097 high 8.8 8.8 FIX arch arch linux-kerneldebian debian google 9y ago multiple issues in chromium
CVE-2017-5095 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5092 high 8.8 8.8 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5091 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5088 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5087 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5080 high 8.8 8.8 FIX arch arch linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5078 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5077 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5074 high 8.0 8.0 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5073 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5068 high 7.5 7.5 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5064 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5063 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5062 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5059 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5058 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5057 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5056 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5055 high 8.8 8.8 FIX arch arch linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5054 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5053 critical 9.6 9.6 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5052 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2015-5237 high 8.8 8.8 debian debian google 9y ago protobuf susceptible to buffer overflow
CVE-2017-9245 high 7.5 7.5 google 9y ago The Google News and Weather application before 3.3.1 for Android allows remote attackers to read OAuth tokens by sniffing the network and leveraging the lack of SSL.
CVE-2016-5178 critical 9.8 9.8 FIX arch archdebian debiansuse suse google 9y ago arbitrary code execution in chromium
CVE-2016-5177 high 8.8 8.8 FIX arch archdebian debiansuse suse google 9y ago arbitrary code execution in chromium