|
3321
|
8.8 |
HIGH
Network
|
-
|
-
|
YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'…
|
CWE-89
SQL Injection
|
CVE-2026-41143
|
2026-05-8 00:43 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3322
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gpio: Fix resource leaks on errors in gpiochip_add_data_with_key()
Since commit aab5c6f20023 ("gpio: set device type for GPIO chi…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-31732
|
2026-05-8 00:36 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3323
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-8015
|
2026-05-8 00:30 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3324
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
|
CWE-416
Use After Free
|
CVE-2026-8016
|
2026-05-8 00:29 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3325
|
3.1 |
LOW
Network
|
google
|
chrome
|
Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
|
CWE-1300
Improper Protection of Physical Side Channels
|
CVE-2026-8017
|
2026-05-8 00:29 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3326
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-8019
|
2026-05-8 00:26 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3327
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process…
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-8020
|
2026-05-8 00:21 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3328
|
5.0 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML pa…
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-8009
|
2026-05-8 00:20 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3329
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a craft…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8012
|
2026-05-8 00:19 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3330
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: L…
|
CWE-20
Improper Input Validation
|
CVE-2026-8013
|
2026-05-8 00:19 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
