Lucene search
K

18311 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.3 views

MiracleLinux 8 : firefox-140.9.0-1.el8_10.ML.1 (AXSA:2026-373:06)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-373:06 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR...

10CVSS6AI score0.00773EPSS
Exploits0References38
Redos
Redos
added 2026/04/01 12:0 a.m.7 views

ROS-20260401-73-0025

A vulnerability in the pngsetquantize function of the libpng PNG raster graphics library is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially generated PNG file...

8.3CVSS6.5AI score0.00955EPSS
Exploits1
Redos
Redos
added 2026/04/01 12:0 a.m.5 views

ROS-20260401-73-0026

A vulnerability in the pngsetquantize function of the libpng PNG raster graphics library is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially generated PNG file...

8.3CVSS6.6AI score0.00955EPSS
Exploits1
Redos
Redos
added 2026/04/01 12:0 a.m.5 views

ROS-20260401-73-0021

A vulnerability in the PNG raster graphics library Libpng is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and cause a denial of service...

6.1CVSS6AI score0.00118EPSS
Exploits2
Redos
Redos
added 2026/04/01 12:0 a.m.6 views

ROS-20260401-73-0011

A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...

7.1CVSS6AI score0.00172EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-5272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

8.8CVSS6.6AI score0.0045EPSS
Exploits0References2
NVD
NVD
added 2026/03/31 10:16 p.m.10 views

CVE-2026-34605

SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5...

8.6CVSS0.00469EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/03/31 7:30 a.m.1 views

CVE-2026-5186

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS5.2AI score0.00113EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/31 6:53 a.m.7 views

Security information for Hitachi Disk Array Systems

Overview CVE-2026-20846 | GDI+ Denial of Service Vulnerability CVE-2026-21222 | Windows Kernel Information Disclosure Vulnerability CVE-2026-21231 | Windows Kernel Elevation of Privilege Vulnerability CVE-2026-21234 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability...

8.8CVSS6.8AI score0.25835EPSS
Exploits9References25
Vulnrichment
Vulnrichment
added 2026/03/31 6:45 a.m.3 views

CVE-2026-5185 Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-based overflow

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3CVSS6.1AI score0.00154EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.6 views

PT-2026-29455

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.178 Description An integer overflow in ANGLE on Windows allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page...

9.6CVSS6AI score0.05036EPSS
Exploits0References32
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from the GPU heap failing to properly validate the length size of input data, which can be exploited by an attacker...

8.8CVSS6.4AI score0.0045EPSS
Exploits0References3
CNVD
CNVD
added 2026/03/31 12:0 a.m.14 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-19985)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...

9.1CVSS8AI score0.0043EPSS
Exploits0
CNVD
CNVD
added 2026/03/31 12:0 a.m.7 views

Code Issue Vulnerability in Multiple Mozilla Products (CNVD-2026-19984)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products that is...

7.5CVSS7.4AI score0.00433EPSS
Exploits0
CNVD
CNVD
added 2026/03/31 12:0 a.m.8 views

Code Issue Vulnerability in Multiple Mozilla Products (CNVD-2026-19982)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products due to an...

7.5CVSS7.4AI score0.00452EPSS
Exploits0
FreeBSD
FreeBSD
added 2026/03/31 12:0 a.m.8 views

chromium -- security fixes

Chrome Releases reports: This update includes 21 security fixes: 493952652 High CVE-2026-5273: Use after free in CSS. Reported by Anonymous on 2026-03-18 491732188 High CVE-2026-5272: Heap buffer overflow in GPU. Reported by inspector-ambitious on 2026-03-11 488596746 High CVE-2026-5274: Integer...

9.6CVSS6.2AI score0.05036EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/03/30 4:5 p.m.5 views

firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Graphics: Canvas2D component...

9.1CVSS5.8AI score0.0043EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/30 4:5 p.m.3 views

firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition, use-after-free in the Graphics: WebRender component...

7.5CVSS5.8AI score0.00352EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/30 4:5 p.m.4 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...

7.5CVSS5.8AI score0.00687EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/30 4:5 p.m.3 views

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics component...

7.5CVSS5.9AI score0.00772EPSS
Exploits0References6
Rows per page
Query Builder