Lucene search
K

18334 matches found

Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26692

Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...

6AI score0.00078EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by excessive reading and writing operations related to WebGL. This vulnerability could lead to arbitrary reading and writing...

8.8CVSS6.1AI score0.00324EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert drm/amd: Check if ASPM is enabled from PCIe subsystem This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
Amazon
Amazon
added 2026/03/19 12:0 a.m.8 views

Important: firefox

Issue Overview: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and...

10CVSS6AI score0.00604EPSS
Exploits0
Amazon
Amazon
added 2026/03/19 12:0 a.m.8 views

Important: thunderbird

Issue Overview: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and...

10CVSS6AI score0.00604EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.6 views

PT-2026-26374

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of .png with content type of...

8.5CVSS5.7AI score0.00207EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.13 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3198 (ALAS-2026-3198)

The version of thunderbird installed on the remote host is prior to 140.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3198 advisory. Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox...

10CVSS6.1AI score0.00604EPSS
Exploits0References76
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.3 views

openSUSE 16 Security Update : MozillaFirefox (openSUSE-SU-2026:20365-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20365-1 advisory. - Firefox Extended Support Release 140.8.0 ESR bsc1258568 - CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component -...

10CVSS6AI score0.00604EPSS
Exploits0References75
RedhatCVE
RedhatCVE
added 2026/03/18 8:49 p.m.5 views

CVE-2026-26740

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

8.2CVSS5.9AI score0.00488EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2026/03/18 8:13 p.m.7 views

USN-8097-2: roundcube regression

USN-8097-1 fixed a vulnerability in roundcube. The update caused a regression affecting the HTML sanitizer, preventing Roundcube from rendering any email message body. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Roundcube...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/03/18 8:13 p.m.6 views

USN-8097-2 roundcube regression

USN-8097-1 fixed a vulnerability in roundcube. The update caused a regression affecting the HTML sanitizer, preventing Roundcube from rendering any email message body. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Roundcube...

5.7AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/18 7:54 p.m.20 views

Statamic has Stored XSS via SVG Sanitization Bypass

Impact Stored XSS vulnerability in SVG asset reuploads allows authenticated users with asset upload permissions to bypass SVG sanitization and inject malicious JavaScript that executes when the asset is viewed. Patches This has been fixed in 5.73.14 and 6.7.0...

8.7CVSS5.7AI score0.00325EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/03/18 7:54 p.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the SVG asset reupload. An attacker can execute arbitrary JavaScript in the context of users viewing the affected asset by uploading a specially crafted SVG file that bypasses sanitization. Details Cross-sit...

8.7CVSS5.8AI score0.00325EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/18 6:31 p.m.10 views

EUVD-2026-12903

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...

5.6AI score0.00114EPSS
Exploits0References6
NVD
NVD
added 2026/03/18 6:16 p.m.3 views

CVE-2026-23264

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...

5.5CVSS0.00114EPSS
Exploits0References5
OSV
OSV
added 2026/03/18 6:16 p.m.8 views

UBUNTU-CVE-2026-23264

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:41 p.m.2 views

CVE-2026-23264

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...

5.6AI score0.00114EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/03/18 5:41 p.m.21 views

CVE-2026-23264

The CVE-2026-23264 issue was resolved in the Linux kernel by reverting the change that checked ASPM status from the PCIe subsystem for AMD GPUs. This reversal addressed crashes that occurred when two AMD GPUs were present but only one supported ASPM. The fix is tied to a specific revert of a prev...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/18 5:41 p.m.20 views

CVE-2026-23264 Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...

0.00114EPSS
Exploits0References5
OSV
OSV
added 2026/03/18 1:37 p.m.5 views

OPENSUSE-SU-2026:20391-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.8.1 ESR Add mail.openpgp.loaduntestedgpgmeversion to load untested GPGME version - Mozilla Thunderbird 140.8.0 ESR MFSA 2026-17 boo1258568 CVE-2026-2757 bmo2001637 Incorrect...

10CVSS7.5AI score0.00604EPSS
Exploits0References57
Rows per page
Query Builder