30 matches found
DEBIAN-CVE-2026-14100
Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14100
Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14100
Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14100
CVE-2026-14100 affects Google Chrome’s NetworkCache. Affected component: NetworkCache in Chrome (before version 150.0.7871.47). Root cause: insufficient data validation that enables a remote attacker to leak cross-origin data via a crafted HTML page. Impact: cross-origin data leakage with network...
CVE-2026-14100
Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following through the WriteToCachedFile function when handling network cache files in certain configurations. An attacker can overwrite specific host files and change their ownership by planting a symbolic lin...
CVE-2026-27794 LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution
LangGraph Checkpoint defines the base interface for LangGraph checkpointers. Prior to version 4.0.0, a Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to...
CVE-2026-27794 LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution
LangGraph Checkpoint defines the base interface for LangGraph checkpointers. Prior to version 4.0.0, a Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to...
EUVD-2009-2985
Malware in sbrugna...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...
RHEL 8 : firefox (RHSA-2025:17368)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:17368 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
firefox security update
An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
RLSA-2025:16260 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...
Amazon Linux 2023 : firefox (ALAS2023-2025-1203)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1203 advisory. Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3. CVE-2025-10527...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3008 (ALAS-2025-3008)
The version of thunderbird installed on the remote host is prior to 140.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3008 advisory. Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 143,...
Important: firefox
Issue Overview: Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3. CVE-2025-10527 Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component...
KLA88012 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in Graphics: Canvas2D...
Linux Distros Unpatched Vulnerability : CVE-2024-56661
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk...
UBUNTU-CVE-2025-21868
In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAXSKBFRAGS values Sabrina reported the following splat: WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netifnapiaddweightlocked+0x8f2/0xba0 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm...
LavaLite 安全漏洞
LavaLite is an open source lightweight content management system CMS. A security vulnerability exists in LavaLite CMS version v 9.0.0 that stems from vulnerability to network cache poisoning...