121 matches found
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in the iframe sandbox of Google Chrome prior to version 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page...
Astra Linux - уязвимость в firefox
Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs in Firefox 95. Some of these bugs exhibited signs of memory corruption, and we believe that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects...
CVE-2026-7928
Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
requests-hardened is Vulnerable to Server-Side Request Forgery
The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...
Astra Linux - уязвимость в chromium
In Google Chrome, using "after free" in V8 before version 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в firefox, thunderbird
Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free condition, potentially causing a crash that can be exploited. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Astra Linux - уязвимость в chromium
Before version 96.0.4664.93, using the "after free" mechanism in Google Chrome’s developer tools allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2026-33847
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-33848
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-33847
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-33849 Improper Restriction of Operations within the Bounds of a Memory Buffer in linkingvision rapidvms
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-33849
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-33848 Improper Restriction of Operations within the Bounds of a Memory Buffer in linkingvision rapidvms
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
CVE-2026-33848
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR96...
EulerOS Virtualization 2.12.0 : nss (EulerOS-SA-2026-1504)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...
EulerOS Virtualization 2.10.1 : nss (EulerOS-SA-2026-1133)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...
EUVD-2026-0929
Malicious code in lium-4-96 PyPI...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.6 bsc1254551. MFSA 2025-96 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...