|
1571
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Inappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via …
|
CWE-20
Improper Input Validation
|
CVE-2026-11047
|
2026-06-9 00:03 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1572
|
7.5 |
HIGH
Network
|
-
|
-
|
Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value (taken from the IPv6 fixe…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-49494
|
2026-06-9 00:03 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1573
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informatio…
|
CWE-20
Improper Input Validation
|
CVE-2026-11045
|
2026-06-9 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1574
|
8.0 |
HIGH
Network
|
termix
|
termix
|
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Starting in version 1.7.0, Termix Desktop (Electron) disables TLS certificate validation,…
|
CWE-295
Improper Certificate Validation
|
CVE-2026-45745
|
2026-06-9 00:02 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1575
|
- |
|
-
|
-
|
Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prio…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2026-45409
|
2026-06-9 00:02 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1576
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium s…
|
CWE-472
CWE-190
External Control of Assumed-Immutable Web Parameter
Integer Overflow or Wraparound
|
CVE-2026-11044
|
2026-06-9 00:01 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1577
|
- |
|
-
|
-
|
A stack‑based
buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where
the device fails to properly validate the number of XML user nodes during
request processi…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-6239
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1578
|
- |
|
-
|
-
|
A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenti…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-6240
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1579
|
- |
|
-
|
-
|
On Tapo
C520WS v2, restricted accounts (for example, hub users) are intended to execute
only a limited set of low‑sensitivity operations. Due to a logic flaw in the
device’s API authorization mechani…
|
CWE-287
Improper Authentication
|
CVE-2026-34123
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1580
|
- |
|
-
|
-
|
An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitizatio…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2026-6241
|
2026-06-9 00:01 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
