18311 matches found
MiracleLinux 8 : firefox-140.9.0-1.el8_10.ML.1 (AXSA:2026-373:06)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-373:06 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR...
ROS-20260401-73-0025
A vulnerability in the pngsetquantize function of the libpng PNG raster graphics library is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially generated PNG file...
ROS-20260401-73-0026
A vulnerability in the pngsetquantize function of the libpng PNG raster graphics library is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially generated PNG file...
ROS-20260401-73-0021
A vulnerability in the PNG raster graphics library Libpng is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and cause a denial of service...
ROS-20260401-73-0011
A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...
Linux Distros Unpatched Vulnerability : CVE-2026-5272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
CVE-2026-34605
SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5...
CVE-2026-5186
A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...
Security information for Hitachi Disk Array Systems
Overview CVE-2026-20846 | GDI+ Denial of Service Vulnerability CVE-2026-21222 | Windows Kernel Information Disclosure Vulnerability CVE-2026-21231 | Windows Kernel Elevation of Privilege Vulnerability CVE-2026-21234 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability...
CVE-2026-5185 Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-based overflow
A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...
PT-2026-29455
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.178 Description An integer overflow in ANGLE on Windows allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from the GPU heap failing to properly validate the length size of input data, which can be exploited by an attacker...
Code execution vulnerability in multiple Mozilla products (CNVD-2026-19985)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...
Code Issue Vulnerability in Multiple Mozilla Products (CNVD-2026-19984)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products that is...
Code Issue Vulnerability in Multiple Mozilla Products (CNVD-2026-19982)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products due to an...
chromium -- security fixes
Chrome Releases reports: This update includes 21 security fixes: 493952652 High CVE-2026-5273: Use after free in CSS. Reported by Anonymous on 2026-03-18 491732188 High CVE-2026-5272: Heap buffer overflow in GPU. Reported by inspector-ambitious on 2026-03-11 488596746 High CVE-2026-5274: Integer...
firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Graphics: Canvas2D component...
firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition, use-after-free in the Graphics: WebRender component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...
firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics component...