|
2831
|
9.1 |
CRITICAL
Network
|
apache
|
ofbiz
|
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: before 24.09.06.
Users are recommended to upgrad…
|
CWE-90
LDAP Injection
|
CVE-2026-41919
|
2026-05-20 01:35 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2832
|
6.5 |
MEDIUM
Network
|
apache
|
ofbiz
|
Improper Authorization vulnerability in Apache OFBiz Webtools.
This issue affects Apache OFBiz: before 24.09.06.
Users are recommended to upgrade to version 24.09.06, which fixes the issue.
|
CWE-285
Improper Authorization
|
CVE-2026-45187
|
2026-05-20 01:35 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2833
|
9.1 |
CRITICAL
Network
|
freedesktop
|
gst-plugins-good
|
An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before per…
|
CWE-369
Divide By Zero
|
CVE-2026-46470
|
2026-05-20 01:34 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2834
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via…
|
CWE-862
Missing Authorization
|
CVE-2026-8547
|
2026-05-20 01:33 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2835
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information fr…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-8546
|
2026-05-20 01:33 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2836
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive infor…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-8543
|
2026-05-20 01:33 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2837
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…
|
CWE-416
Use After Free
|
CVE-2026-8542
|
2026-05-20 01:32 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2838
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a …
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-8585
|
2026-05-20 01:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2839
|
4.2 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page…
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-8584
|
2026-05-20 01:29 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2840
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
|
CWE-416
Use After Free
|
CVE-2026-8530
|
2026-05-20 01:27 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
