Lucene search
K

2807 matches found

OSV
OSV
added 4 days ago4 views

DEBIAN-CVE-2026-58402

Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a script payload breaks out...

5.4CVSS5.8AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 4 days ago3 views

DEBIAN-CVE-2026-50133

Hugo is a static site generator. Prior to 0.162.0, Hugo accepts content files in several markup formats. Files mapped to the text/html media type typically .html files under /content, or pages produced by a content adapter that sets content.mediaType = "text/html" had their body emitted verbatim...

6.1CVSS5.4AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

DEBIAN-CVE-2026-42546

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the functio...

3.8CVSS6AI score0.00105EPSS
Exploits0References1
OSV
OSV
added 4 days ago4 views

DEBIAN-CVE-2026-55380

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References1
OSV
OSV
added 6 days ago5 views

DEBIAN-CVE-2026-58210

Bulletin has no description...

5.9AI score0.00732EPSS
Exploits0References1
OSV
OSV
added last week4 views

DEBIAN-CVE-2026-14355

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 8:48 a.m.3 views

DEBIAN-CVE-2026-47709

Bulletin has no description...

5.7AI score0.00025EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 8:48 a.m.2 views

DEBIAN-CVE-2026-47254

Bulletin has no description...

5.7AI score0.00024EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14427

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS6.1AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14430

Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.4 views

DEBIAN-CVE-2026-14419

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14421

Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.5 views

DEBIAN-CVE-2026-14410

Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.4 views

DEBIAN-CVE-2026-14399

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14397

Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.5 views

DEBIAN-CVE-2026-14395

Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14392

Out of bounds write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14390

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 11:16 p.m.2 views

DEBIAN-CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 12:16 a.m.3 views

DEBIAN-CVE-2026-54900

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder