22120 matches found
GHSA-5P54-7X9Q-259P vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-6684
FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...
CGA-G424-8HM2-324V
Bulletin has no description...
CGA-H685-483C-M8W4
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2026-10098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be...
DEBIAN-CVE-2026-50229
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...
CVE-2026-50229
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...
UBUNTU-CVE-2026-50229
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...
CVE-2026-50229
CVE-2026-50229 describes an XSS flaw in the Apache Tomcat “number guess” example. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.0.M1–9.0.118, 8.5.0–8.5.100, and 7.0.0–7.0.109. The root cause is improper neutralization of script-related HTML tags in that example web pa...
CVE-2026-50229
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...
CVE-2026-50229 Apache Tomcat: XSS in number guess example
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...
PYSEC-2026-295 BentoML deserialization vulnerability
A deserialization vulnerability exists in BentoML's runner server in bentoml/bentoml versions =1.3.4.post1. By setting specific parameters, an attacker can execute unauthorized arbitrary code on the server, causing severe harm. The vulnerability is triggered when the args-number parameter is...
CVE-2026-53320
A flaw was found in the Linux kernel's nilfs2 filesystem. A local attacker could exploit this vulnerability by sending a specially crafted input/output control ioctl request to the nilfsioctlmarkblocksdirty function. By providing a zero block number, the attacker can bypass a critical dead block...
PT-2026-53740
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M1 through 10.1.55 Apache Tomcat versions 9.0.0.M1 through 9.0.118 Apache Tomcat versions 8.5.0 through 8.5.100 Apache Tomcat versions 7.0.0 through 7.0.109...
SUSE CVE-2026-53320
In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current block number bdblocknr. If they differ, the block is considered dead and...
Linux Distros Unpatched Vulnerability : CVE-2026-13035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a malicious peripheral...
Linux Distros Unpatched Vulnerability : CVE-2026-53320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current blo...
Linux Distros Unpatched Vulnerability : CVE-2026-53188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds ...
BELL-CVE-2026-53147
Bulletin has no description...
BELL-CVE-2026-53199
Bulletin has no description...