17694 matches found
EUVD-2026-30458
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-30425
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8512
CVE-2026-8512 affects Google Chrome FileSystem use-after-free prior to version 148.0.7778.168. A remote attacker who entices a user to perform specific UI gestures could trigger a sandbox escape via a crafted HTML page. Diagnosis: the root cause is a use-after-free in FileSystem; impact is sandbo...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
PT-2026-41072
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.168 Description An out of bounds read in FileSystem allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convinced to perform...
PT-2026-41041
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in FileSystem allows a remote attacker to potentially perform a sandbox escape via a crafted HTML page, provided they can convince a user to perform specific UI...
Linux Distros Unpatched Vulnerability : CVE-2026-8512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to...
CVE-2026-40407
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-34340
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally...
SUSE CVE-2026-43365
In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized liclogroundoff values If the superblock doesn't list a log stripe unit, we set the incore log roundoff value to 512. This leads to corrupt logs and unmountable filesystems in generic/617 on a disk with 4k...
SUSE CVE-2026-43394
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...
SUSE CVE-2026-43470
In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3proccreate if dalias is a dir If we found an alias through nfs3docreate/nfsaddorobtain /dsplicealias which happens to be a dir dentry, we don't return any error, and simply forget about this alias, but t...
Grafana OSS 安全漏洞
Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from vulnerabilities in SQL expressions. This vulnerability could allow authenticated attackers to read arbitrary files from the Grafana server’s file system...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks Victor Nogueira Orabug: 39362005 CVE-2026-23270 - KVM: x86: disable preemption around the call to...
CVE-2026-44215
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...