Lucene search
K

18309 matches found

Debian CVE
Debian CVE
added 2026/04/03 3:57 a.m.4 views

CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.3AI score0.00402EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/03 1:46 a.m.7 views

Chromium: CVE-2026-5291 Inappropriate implementation in WebGL

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.8AI score0.00193EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/03 1:46 a.m.3 views

Chromium: CVE-2026-5285 Use after free in WebGL

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00403EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/03 1:46 a.m.4 views

Chromium: CVE-2026-5277 Integer overflow in ANGLE

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

7.5CVSS5.8AI score0.00255EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/03 1:46 a.m.4 views

Chromium: CVE-2026-5272 Heap buffer overflow in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.0045EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.15 and 1.6.15 contained security vulnerabilities. These vulnerabilities stemmed fr...

8.2CVSS5.8AI score0.00329EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.2 views

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-8143-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8143-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

7.8CVSS6.7AI score0.00271EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.14 and 1.6.14 contained security vulnerabilities. These vulnerabilities stemmed fr...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-29982

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.8 views

PT-2026-30165

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc1-valkyria+ Description A use-after-free issue exists in the Linux kernel related to framebuffers and property blobs when calling drm dev unplug. The issue occurs when dereferencing freed pointers related...

5.4AI score0.00032EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30160

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the DRM/XE subsystem related to GGTT MMIO access protection. Currently, GGTT MMIO access is protected by hotplug mechanisms, which function correctly...

7.8CVSS7AI score0.00129EPSS
Exploits0References16
OSV
OSV
added 2026/04/02 8:30 p.m.13 views

USN-8143-2 linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

7.8CVSS6.7AI score0.00271EPSS
Exploits0References8
Mageia
Mageia
added 2026/04/02 4:48 p.m.9 views

Updated nss & firefox packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-46...

10CVSS6.5AI score0.01279EPSS
Exploits1References4
OSV
OSV
added 2026/04/02 4:48 p.m.12 views

MGASA-2026-0081 Updated thunderbird packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Spoofing issue in Thunderbird. CVE-2026-3889 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in...

10CVSS6.5AI score0.01279EPSS
Exploits1References4
OSV
OSV
added 2026/04/02 4:48 p.m.12 views

MGASA-2026-0080 Updated nss & firefox packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-46...

10CVSS7.1AI score0.01279EPSS
Exploits1References5
CVE
CVE
added 2026/04/02 2:48 p.m.18 views

CVE-2026-34974

The CVE-2026-34974 vulnerability affects phpMyFAQ prior to version 4.1.1, where the SVG sanitizer (SvgSanitizer.php) uses regexes that can be bypassed by HTML entity encoding in javascript: URLs inside SVG attributes. An attacker with edit_faq permission can upload a malicious SVG that executes ...

5.4CVSS5.8AI score0.00176EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/02 8:42 a.m.4 views

SUSE CVE-2026-5285

Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00403EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.9 views

PT-2026-29785

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ SvgSanitizer.php can be bypassed using HTML entity encoding in javascript: URLs within SVG attributes. Any user with edit faq permission can upload a malicious SVG that executes...

5.4CVSS5.8AI score0.00176EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

DbGate 代码注入漏洞

DbGate is an open-source database manager developed by DbGate. Versions of DbGate from 7.0.0 to 7.1.5 had a code injection vulnerability. This vulnerability occurred because SVG icon strings controlled by attackers were rendered as raw HTML without being cleaned properly, which could lead to...

8.2CVSS5.8AI score0.00168EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.14 views

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.1 contained security vulnerabilities. These vulnerabilities stemmed from an exploit that allowed bypassing the SVG cleaner, potentially allowing execution of arbitrary JavaScript...

5.4CVSS6.1AI score0.00176EPSS
Exploits1References2
Rows per page
Query Builder