|
801
|
7.4 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via …
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-10968
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
802
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-10966
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
803
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely…
Update
|
CWE-78
OS Command
|
CVE-2026-25620
|
2026-06-9 04:15 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
804
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects versi…
Update
|
CWE-78
OS Command
|
CVE-2026-25621
|
2026-06-9 04:13 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
805
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logg…
Update
|
CWE-78
OS Command
|
CVE-2026-25622
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
806
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators c…
Update
|
CWE-78
OS Command
|
CVE-2026-25623
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
807
|
4.8 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated use…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-25624
|
2026-06-9 04:08 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
808
|
7.4 |
HIGH
Network
|
asynchttpclient_project
|
async-http-client
|
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch pri…
Update
|
CWE-200
Information Exposure
|
CVE-2026-45300
|
2026-06-9 03:37 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
809
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr…
Update
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-11022
|
2026-06-9 03:37 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
810
|
7.8 |
HIGH
Local
|
x.org
redhat
|
x_server
xwayland
enterprise_linux
|
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function Ch…
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-50259
|
2026-06-9 03:28 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
