|
1401
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:…
|
CWE-20
Improper Input Validation
|
CVE-2026-10966
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1402
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely…
|
CWE-78
OS Command
|
CVE-2026-25620
|
2026-06-9 04:15 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1403
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects versi…
|
CWE-78
OS Command
|
CVE-2026-25621
|
2026-06-9 04:13 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1404
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logg…
|
CWE-78
OS Command
|
CVE-2026-25622
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1405
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators c…
|
CWE-78
OS Command
|
CVE-2026-25623
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1406
|
4.8 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated use…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25624
|
2026-06-9 04:08 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1407
|
7.4 |
HIGH
Network
|
asynchttpclient_project
|
async-http-client
|
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch pri…
|
CWE-200
Information Exposure
|
CVE-2026-45300
|
2026-06-9 03:37 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1408
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr…
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-11022
|
2026-06-9 03:37 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1409
|
7.8 |
HIGH
Local
|
x.org
redhat
|
x_server
xwayland
enterprise_linux
|
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function Ch…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-50259
|
2026-06-9 03:28 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1410
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted…
|
CWE-284
Improper Access Control
|
CVE-2026-11017
|
2026-06-9 03:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
