20148 matches found
PT-2026-54166
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Side-channel information leakage in WebAuthentication allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Side-channel information leakage...
PT-2026-54084
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists in the Import component. This occurs when a remote attacker convinces a user to perform specific UI gestures, potentially leading to arbitrary code...
PT-2026-54374
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker can potentially exploit heap corruption via a crafted HTML page. This occurs when a user is convinced to perform specific UI...
PT-2026-54089
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input allows a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. This occurs when a user is convinced to...
PT-2026-54054
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the iOSWeb component allows a remote attacker to potentially cause heap corruption, which occurs when memory in the heap area is...
PT-2026-54120
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...
PT-2026-54195
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker could potentially exploit heap corruption by inducing the browser to process a crafted HTML page. Use after free is a memory...
CVE-2026-43706
A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2026-43706
CVE-2026-43706 is a memory-management defect (double free) in libxslt affecting macOS Tahoe 26.5.2, iOS 26.5.2, and iPadOS 26.5.2. The root cause is a double-free in processing malicious web content, which may cause an unexpected process crash. Apple lists libxslt as the vulnerable component with...
CVE-2026-55844
Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...
CVE-2026-55844
The Home Assistant iOS companion app prior to 2025.5.0 ignores the SSID allowlist for internal networks. It uses SSID to decide when to use the internal URL, but if no other URL is available it falls back to the internal URL, which can expose the user’s token on unsecure networks. Affected compon...
CVE-2026-55844
Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...
PT-2026-53708
Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Improved input validation was implemented to prevent a malicious website from exfiltrating data...
PT-2026-53715
Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Processing maliciously crafted web content may lead to an unexpected Safari crash due to a stack...
PT-2026-53724
Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A path handling issue exists where processing maliciously crafted web content may disclose sensitive...
Astra Linux – Vulnerability in WebKit2GTK
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5, and iPadOS 18.7.5; iOS 26.3, and iPadOS 26.3; macOS Tahoe 26.3; and visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...
MINI-429Q-CMCC-H4Q8
Bulletin has no description...
UBUNTU-CVE-2026-50171
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...
UBUNTU-CVE-2026-50555
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...
UBUNTU-CVE-2026-50170
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerability was discovered in @angular/common when Server-Side Rendering SSR and hydration are enabled. The...