311 matches found
CVE-2026-15685
A flaw was found in Ollama. This vulnerability allows remote attackers to create a denial-of-service DoS condition on affected installations. The issue occurs within the downloadBlob function due to improper validation of user-supplied data, which can lead to memory access beyond the bounds of an...
CVE-2026-45203
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...
CVE-2026-56770
libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...
EulerOS Virtualization 2.13.0 : mesa (EulerOS-SA-2026-2407)
According to the versions of the mesa packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated dat...
Linux Distros Unpatched Vulnerability : CVE-2026-9753
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The $internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bound...
CVE-2026-21038
Improper input validation in Samsung Android USB Driver for Windows prior to version 1.9.5.0 allows local attacker to access out-of-bounds memory...
Astra Linux – Vulnerability in Chromium
In Google Chrome, out-of-bounds memory access in Compositing before version 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape through specific UI gestures. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: A memory out-of-bounds issue was fixed in bnxtfillhwrsstbl. A recent commit modified the code in bnxtreserverings to set the default RSS indirection table to default only when the number of RX rings is changing. While thi...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome before version 126.0.6478.54 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in libstb
stbimage is a single-file library licensed under MIT that is used for processing images. When stbisetflipverticallyonload is set to TRUE, and reqcomp is set to a value that does not match the actual number of components per pixel, the library attempts to flip the image vertically. A specially...
ROS-20260520-73-0005
A vulnerability in the WebGL component of the Google Chrome browser is related to reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
PT-2026-41083
Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 148.0.7778.168 Description Type confusion in ANGLE allows a remote attacker who has compromised the renderer process to perform an out of bounds memory write by using a crafted HTML page. Type confusi...
CVE-2026-7346
Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2026-34944
A flaw was found in Wasmtime, a runtime for WebAssembly. On x86-64 platforms with SSE3 disabled, Wasmtime's Cranelift compiler backend may load additional data beyond the intended memory boundary when compiling the 'f64x2.splat' WebAssembly instruction. This out-of-bounds read can lead to a Denia...
CVE-2026-23407
A flaw was found in AppArmor, a security module within the Linux kernel. A local user could exploit this vulnerability by providing a specially crafted Deterministic Finite Automaton DFA, a set of rules for pattern matching, to the verifydfa function. This malformed input causes the system to...
SUSE CVE-2026-4371
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking...
CVE-2026-4647
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...
Google Chrome WebAssembly Memory Out-of-Bounds Access Vulnerability
Google Chrome is a free web browser developed by Google Inc. A memory out-of-bounds access vulnerability exists in Google Chrome WebAssembly, which stems from improper memory buffer access control and can be exploited by remote attackers to execute arbitrary code...
Google Chrome CSS Memory Out-of-Bounds Read Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome CSS suffers from a memory out-of-bounds read vulnerability that originates from out-of-bounds reads of memory buffer data, which can be exploited by remote attackers to execute arbitrary code...
Google Chrome V8 Memory Out-of-Bounds Access Vulnerability (CNVD-2026-13792)
Google Chrome is a free web browser developed by Google Inc. Google Chrome V8 suffers from a memory out-of-bounds access vulnerability that stems from improper memory buffer access control and can be exploited by remote attackers to execute arbitrary code...