1266 matches found
PT-2026-46786
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
PT-2026-46803
Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. Chromium security severity: Low...
Security Bulletin: Multiple vulnerabilities in IBM Security QRadar EDR Software
Summary Multiple vulnerabilities were addressed in IBM Security QRadar EDR Software version 3.12.25 Vulnerability Details CVEID:CVE-2026-30951 DESCRIPTION: Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 149 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 149.0.7827.53 Linux 149.0.7827.53/54 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. in the United States. Payments is one of the payment components included in Google Chrome. Blink is a browser rendering engine developed jointly by Google Inc. and Opera Software AB in Norway. V8 is an open-source JavaScript engine used in...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Cast Streaming component’s ability to reuse resources after they were released, potentially allowing attacker...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of non-trusted inputs in Cast. A remote attacker could exploit this vulnerabilit...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from insufficient validation of untrusted inputs by the Cast component...
PT-2026-46455
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the Cast component. This allows an attacker located on the same local network segment to execute arbitrary code by sending malicious network traffic...
PT-2026-46417
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in Cast Streaming. This allows an attacker located on the same local network segment to execute arbitrary code by sending malicious network traffic. Use...
PT-2026-46597
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Cast component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document o...
PT-2026-46419
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Cast allows an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Use after free is a condition where ...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-46597)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-46597 advisory. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM pack...
SUSE CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
UBUNTU-CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...
UBUNTU-CVE-2026-46598
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...