|
1121
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-11124
|
2026-06-9 12:05 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1122
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chro…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11126
|
2026-06-9 12:05 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1123
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted WebAPK. (Chromium security severity: Medi…
Update
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2026-11127
|
2026-06-9 12:05 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1124
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a craf…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11128
|
2026-06-9 12:05 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1125
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in Printing in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted…
New
|
CWE-416
Use After Free
|
CVE-2026-11647
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1126
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
New
|
CWE-416
Use After Free
|
CVE-2026-11638
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1127
|
- |
|
-
|
-
|
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name …
New
|
CWE-22
Path Traversal
|
CVE-2026-49233
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1128
|
- |
|
-
|
-
|
When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes.
This only affects users who allow API access from untrusted n…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-49234
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1129
|
- |
|
-
|
-
|
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes.
New
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-49235
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1130
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denia…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-11611
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
