69 matches found
CVE-2026-58592
Vulnerability summary (CVE-2026-58592, Ladybird): A dangling-reference memory-safety flaw in Ladybird’s WebAssembly ESM integration loader. When a JavaScript function is imported into a WebAssembly module via the ESM path, WebAssemblyModule.cpp passes a stack-local Wasm::FunctionType by reference...
CVE-2026-57451
Vim CVE-2026-57451 affects Vim up to version 9.2.0670. The issue in get_text_props() (src/textprop.c) reads a uint16 property count inline after a line’s text and treats it as the number of 32-byte textprop_T entries that follow. The only boundary check is a floor for a single entry, and the coun...
CVE-2026-53275
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD queries When processing an MLD query, a pointer to the multicast group address is retrieved when initially parsing the packet. This pointer is later dereferenced without being...
CVE-2026-10991
An use after free flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503553614...
CVE-2026-45615
mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c specifically INTEGERoer.c. When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, th...
CVE-2026-45615
mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c specifically INTEGERoer.c. When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, th...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Astra Linux – Vulnerability in Linux
A out-of-bounds memory read flaw was discovered in the Qualcomm IPC router protocol within the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, resulting in a system crash or the leakage of internal kernel information. The greatest threat posed ...
Memory-Safety Vulnerability
pgx is vulnerable to a memory-safety vulnerability. The vulnerability is due to improper memory handling in the library, which allows an attacker to exploit memory corruption conditions and potentially cause unexpected behavior, denial of service, or arbitrary code execution...
CVE-2026-41476
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The issue is in the implementation of...
PT-2026-35075
Name of the Vulnerable Software and Affected Versions Deskflow versions prior to 1.26.0.138 Description A remote memory-safety issue in clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The problem exists in the...
CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-33816
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service DoS or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation...
CVE-2026-4456
An use after free flaw was found in the Digital Credentials API component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=488617440...
EUVD-2026-12956
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. The mpileup command outputs DNA sequences that have been aligned against a known reference. On each output line it writes the reference position, optionally the reference DNA base at that position obtained fr...
ROS-20260202-73-0041
A vulnerability in the arm.c component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...
Mozilla Firefox和Mozilla Firefox ESR 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...
PT-2026-27135
Name of the Vulnerable Software and Affected Versions GNU Binutils versions affected versions not specified Description A flaw exists in the GNU Binutils BFD library, a component used for handling binary files. The issue arises when processing specially crafted XCOFF object files, specifically du...
curl: libcurl: Curl out of bounds read for cookie path
An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...
kernel: Bluetooth: L2CAP: Fix use-after-free
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2caplecommandrej...