Vulnerabilities - Yack CVE

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-25657 - - Jun 5, 2026 Jun 5, 2026 7.1 HIGH· v4 N/A· v3 N/A· v2 Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cau...Show more Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.Show less
CVE-2026-10879 - - Jun 5, 2026 Jun 5, 2026 N/A· v4 N/A· v3 N/A· v2 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only alloc...Show more DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require four characters, 100-999 require five characters, et cetera.Show less
CVE-2025-71316 - - Jun 5, 2026 Jun 4, 2026 9.2 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command...Show more SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. Fixed on or around 2025-12-26.Show less
CVE-2025-59174 - - Jun 5, 2026 Jun 5, 2026 7.1 HIGH· v4 6.5 MEDIUM· v3 N/A· v2 Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation.
CVE-2026-10881 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-10917 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pa...Show more Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10918 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severit...Show more Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10919 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sever...Show more Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10920 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craft...Show more Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10921 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security seve...Show more Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10924 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit...Show more Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10925 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec...Show more Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10926 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
CVE-2026-10927 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...Show more Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10935 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10936 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10957 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10960 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security s...Show more Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2026-10962 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Type Confusion in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10963 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10964 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10965 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Integer overflow in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11251 1Google 1Chrome Jun 5, 2026 Jun 5, 2026 N/A· v4 3.1 LOW· v3 N/A· v2 Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML pag...Show more Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)Show less
CVE-2026-11256 1Google 1Chrome Jun 5, 2026 Jun 5, 2026 N/A· v4 8.3 HIGH· v3 N/A· v2 Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sever...Show more Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)Show less
CVE-2026-10969 1Google 1Chrome Jun 5, 2026 Jun 4, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page....Show more Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)Show less

Previous 1 2 345...14234 Next

Vulnerabilities (CVE)