|
161
|
8.1 |
HIGH
Network
|
memcached
|
memcached
|
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.
New
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2026-47784
|
2026-05-22 02:06 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
162
|
7.0 |
HIGH
Local
|
samba
|
rsync
|
Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replac…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-29518
|
2026-05-22 02:05 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
163
|
6.5 |
MEDIUM
Network
|
veritas
|
infoscale_operations_manager
|
SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges.
New
|
CWE-89
SQL Injection
|
CVE-2026-44923
|
2026-05-22 01:57 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
164
|
5.4 |
MEDIUM
Network
|
veritas
|
infoscale_operations_manager
|
InfoScale VIOM 9.1.3 allows XSS.
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-44924
|
2026-05-22 01:57 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
165
|
8.8 |
HIGH
Adjacent
|
veritas
|
infoscale_operations_manager
|
Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which t…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-44925
|
2026-05-22 01:57 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
166
|
4.2 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML pag…
New
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-9110
|
2026-05-22 01:56 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
167
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
New
|
CWE-416
Use After Free
|
CVE-2026-9111
|
2026-05-22 01:56 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
168
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
New
|
CWE-416
Use After Free
|
CVE-2026-9112
|
2026-05-22 01:56 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
169
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-9113
|
2026-05-22 01:56 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
170
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Hig…
New
|
CWE-416
Use After Free
|
CVE-2026-9114
|
2026-05-22 01:56 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
