Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007207 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when glyphData is present, cleardecompress calls...

AlmaLinux 8 : thunderbird (ALSA-2026:6917)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6917 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

RHEL 10 : thunderbird (RHSA-2026:8315)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:8315 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engin...

AlmaLinux 9 : firefox (ALSA-2026:7671)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7671 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service v...

SUSE CVE-2026-33901

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

EUVD-2026-23096

A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's ReadJeffsImage function allows an attacker to write beyond an allocated buffer by processing a specially crafted GIF file. This can lead to a denial of service or potentially arbitrary code execution...

CVE-2026-6314

Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6384

A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's ReadJeffsImage function allows an attacker to write beyond an allocated buffer by processing a specially crafted GIF file. This can lead to a denial of service or potentially arbitrary code execution...

CVE-2026-32221

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally...

CVE-2026-6384

GIMP contains a buffer overflow in the GIF image loading component’s ReadJeffsImage function. Processing a specially crafted GIF can cause writes beyond the allocated buffer, leading to denial of service and potentially arbitrary code execution. Affected software: GIMP (GIF image processing). Und...

CVE-2026-6314

CVE-2026-6314 affects Google Chrome’s GPU process. An out-of-bounds write in the GPU code prior to version 147.0.7727.101 could allow a remote attacker with GPU process access to potentially escape the sandbox via a crafted HTML page. Impact is a sandbox escape risk as described in the entry. Aff...

CVE-2026-6314

Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6314

Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6314

Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6309

Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6296

CVE-2026-6296 is a heap buffer overflow in ANGLE within Google Chrome, prior to version 147.0.7727.101, enabling a remote attacker to potentially escape the sandbox via a crafted HTML page. The issue is addressed in Chrome’s 147.0.7727.101 stable release (and related channel updates), with Debian...

CVE-2026-6296

Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...

firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition, use-after-free in the Graphics: WebRender component...

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...