0.0

CVE-2026-38948 -

Cross-Site Scripting (XSS) vulnerability exists in FUEL CMS v1.5.2 and before within the asset upload functionality. The application fails to properly sanitize uploaded SVG files, allowing a low-privileged authenticated user to upload a crafted SVG file containing malicious code.

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 28, 2026, 3:55 p.m.

8.8

CVSS3.1

CVE-2026-7363 - chromium-browser: Use after free in Canvas

Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 4:37 p.m.

8.3

CVSS3.1

CVE-2026-7352 - chromium-browser: Use after free in Media

Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 4:40 p.m.

8.1

CVSS3.1

CVE-2026-7347 - chromium-browser: Use after free in Chromoting

Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 6:27 p.m.

8.8

CVSS3.1

CVE-2026-7342 - chromium-browser: Use after free in WebView

Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 4:36 p.m.

8.8

CVSS3.1

CVE-2026-7341 - chromium-browser: Use after free in WebRTC

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 4:36 p.m.

4.3

CVSS3.1

CVE-2026-7340 - chromium-browser: Integer overflow in ANGLE

Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 4:36 p.m.

8.8

CVSS3.1

CVE-2026-7334 - chromium-browser: Use after free in Views

Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 30, 2026, 6:29 p.m.

8.1

CVSS3.1

CVE-2026-42167 -

mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: May 4, 2026, 3:15 p.m.

5.3

CVSS3.1

CVE-2025-60887 - Cista Vulnerability: Insecure Deserialization Enables Memory Address Disclosure and ASLR Bypass

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering, wโ€ฆ

๐Ÿ“… Published: April 28, 2026, midnight ๐Ÿ”„ Last Modified: April 29, 2026, 10:11 a.m.
Total resulsts: 347919
Page 104 of 34,792
ยซ previous page ยป next page
Filters