|
2401
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9962
|
2026-05-30 01:17 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2402
|
8.3 |
HIGH
Network
|
-
|
-
|
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-9998
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2403
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9988
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2404
|
8.3 |
HIGH
Network
|
-
|
-
|
Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-9966
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2405
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. T…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-9422
|
2026-05-30 01:16 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2406
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
|
-
|
CVE-2026-9194
|
2026-05-30 01:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2407
|
7.3 |
HIGH
Network
|
-
|
-
|
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID.
When decode_ux() in bin/…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-48961
|
2026-05-30 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2408
|
7.5 |
HIGH
Network
|
-
|
-
|
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward.
fastForward() compares length $offset (the digit count of the offset, 1 to 19) agains…
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-48959
|
2026-05-30 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2409
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Eas…
|
CWE-269
CWE-284
CWE-306
Improper Privilege Management
Improper Access Control
Missing Authentication for Critical Function
|
CVE-2026-46824
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2410
|
7.7 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily ex…
|
CWE-863
Incorrect Authorization
|
CVE-2026-46823
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
