Lucene search
K

128 matches found

Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-15127

Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

0.00139EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Firefox, Thunderbird

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

7.5CVSS7AI score0.00577EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.4 views

The vulnerability in the Graphics component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to cause a service failure.

The vulnerability of the Graphics component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS5.7AI score0.00433EPSS
Exploits0References14Affected Software6
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12303

Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

4.3CVSS5.3AI score0.00222EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.9 views

Mozilla Thunderbird < 152.0

The version of Thunderbird installed on the remote Windows host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-60 advisory. - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

9.8CVSS5.8AI score0.00476EPSS
Exploits0References41
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.10 views

Chromium: CVE-2026-11052 Type Confusion in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

9.6CVSS5.4AI score0.00255EPSS
Exploits0
NVD
NVD
added 2026/06/04 11:17 p.m.11 views

CVE-2026-11180

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00229EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:3 p.m.38 views

CVE-2026-10891

Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

0.00325EPSS
Exploits0References2
OSV
OSV
added 2026/06/01 11:7 a.m.7 views

SUSE-SU-2026:21963-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
OSV
OSV
added 2026/05/28 11:16 p.m.16 views

DEBIAN-CVE-2026-9936

Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 10:25 p.m.12 views

CVE-2026-9936

Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00222EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

The return value from gfx::SourceSurfaceSkia::Map wasn’t verified, which could potentially lead to a null pointer dereferencing. This vulnerability affects Firefox versions less than 110...

7.5CVSS7.4AI score0.00622EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.21 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1652)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1652 advisory. Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero. CVE-2026-6654...

9.8CVSS6.1AI score0.04938EPSS
Exploits2References60
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.17 views

Windows Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00298EPSS
Exploits0
Kaspersky
Kaspersky
added 2026/05/05 12:0 a.m.14 views

KLA91026 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution...

8.8CVSS6.6AI score0.00281EPSS
Exploits0References3
OSV
OSV
added 2026/04/02 4:48 p.m.27 views

MGASA-2026-0081 Updated thunderbird packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Spoofing issue in Thunderbird. CVE-2026-3889 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in...

10CVSS6.5AI score0.01279EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.12 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1470)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1470 advisory. Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the...

10CVSS6.1AI score0.00604EPSS
Exploits0References76
Talos
Talos
added 2026/03/17 12:0 a.m.6 views

Canva Affinity EMF File EMR_POLYDRAW Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2301 Canva Affinity EMF File EMRPOLYDRAW Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66000 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

7.1CVSS6AI score0.00268EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/02/24 1:50 a.m.3 views

CVE-2026-25989

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check instead of = that allows bypass the guard and reach an undefined sizet cast...

7.5CVSS5.6AI score0.00594EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/02 3:20 p.m.33 views

CVE-2025-47398 Use After Free in Graphics

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...

7.8CVSS0.00092EPSS
Exploits0References1
Rows per page
Query Builder