Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2026-126 (ALASECS-2026-126)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.34.13.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2026-126 advisory. A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A...

Astra Linux – Vulnerability in Chromium

The use of after-free in Dawn, prior to version 126.0.6478.54, allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Chromium

The use of after-free in Dawn, prior to version 126.0.6478.114, allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Firefox

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox versions less than 126...

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome before version 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Firefox

A memory allocation check was missing, which could lead to a “use-after-free” error if the allocation failed. This could potentially trigger a crash or be exploited to achieve code execution. This vulnerability affects Firefox versions less than 126...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI through a malicious file. Chromium security severity: Medium...

Astra Linux – Vulnerability in Firefox

Multiple WebRTC threads may have claimed a newly connected audio input, resulting in a use-after-free vulnerability. This vulnerability affects Firefox versions less than 126...

Astra Linux – Vulnerability in Chromium

In Dawn, out-of-bounds memory access in Google Chrome before version 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в firefox, thunderbird

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution within the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

Astra Linux - уязвимость в firefox

A malicious website might have included an iframe with a malformed URI, resulting in a non-exploitable browser crash. This vulnerability affects Firefox versions earlier than 126...

Astra Linux - уязвимость в firefox

A file dialog box displayed in full-screen mode might have caused the window to remain disabled. This vulnerability affects Firefox versions earlier than 126...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 125. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 126...

PT-2026-35075

Name of the Vulnerable Software and Affected Versions Deskflow versions prior to 1.26.0.138 Description A remote memory-safety issue in clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The problem exists in the...

MiracleLinux 8 : iperf3-3.5-12.el8_10 (AXSA:2026-126:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-126:02 advisory. iperf3: iperf Heap Buffer Overflow CVE-2025-54349 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 7 : nss-util-3.19.1-9.el7 (AXSA:2016-126:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-126:01 advisory. Utilities for Network Security Services and the Softoken module Security issues fixed with this release: CVE-2016-1950 RESERVED This candidate has been reserv...

MiracleLinux 4 : glibc-2.12-1.149.AXS4.7 (AXSA:2015-126:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-126:03 advisory. Description: The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory,...

Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126.

...

When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126.

...

Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127.

...