
5499 matches found

AstraLinux
• added 2026/06/19 11:10 a.m. • 2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo – Fix for compression buffer overflows. Unlike the decompression code, the compression code in LZO never checked for output overflows. Instead, it assumes that the caller always provides sufficient buffer space, withou...

CVSS 7.8, AI score 6.4, EPSS 0.00154
Exploits: 0, References: 2
AstraLinux
• added 2026/06/19 11:10 a.m. • 3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame mp-safe. Running tests with a debug kernel shows that bnx2fc_recv_frame modifies the percpu lport stats counters in a non-mpsafe way. Simply boot a debug kernel and run the bnx2fc driver with the...

CVSS 5.5, AI score 6.1, EPSS 0.0021
Exploits: 0, References: 2
AstraLinux
• added 2026/06/19 11:10 a.m. • 6 views

Astra Linux – Vulnerability in Chromium

Before version 87.0.4280.141, a use after free in Safe Browsing in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...

CVSS 9.6, AI score 7.3, EPSS 0.03095
Exploits: 0, References: 2
AstraLinux
• added 2026/06/19 11:10 a.m. • 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not use btrfs_set_item_key_safe on RAID stripe-extents. Do not use btrfs_set_item_key_safe to modify the keys in the RAID stripe-tree, as this can lead to corruption of the tree, which is caught by the checks in...

CVSS 5.5, AI score 6, EPSS 0.00159
Exploits: 0, References: 2
AstraLinux
• added 2026/06/19 11:10 a.m. • 3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fixed race condition in TTY wakeup. A race condition occurs when gs_start_io calls either gs_start_rx or gs_start_tx. These functions briefly release the port_lock of usb_ep_queue. This allows gs_close and...

CVSS 4.7, AI score 6.3, EPSS 0.00115
Exploits: 0, References: 2
AstraLinux
• added 2026/06/19 11:10 a.m. • 4 views

Astra Linux – Vulnerability in lxml

An XSS vulnerability was discovered in python-lxml's clean module versions prior to 4.6.3. When the "safe_attrs_only" and "forms" arguments are disabled, the Cleaner class does not remove the "formaction" attribute, allowing JavaScript to bypass the sanitizer. A remote attacker could exploit th...

CVSS 6.1, AI score 6.8, EPSS 0.04002
Exploits: 1, References: 1
RedhatCVE
• added 2026/06/19 8:50 a.m. • 7 views

CVE-2026-12454

A race flaw was found in the Safe Browsing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516926968...

CVSS 8.3, AI score 5.8, EPSS 0.00146
Exploits: 0, References: 5
Cvelist
• added 2026/06/18 11:37 p.m. • 36 views

CVE-2026-12048 pgAdmin 4: Stored XSS via untrusted error and plan-node text rendered through html-react-parser

Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks fields) was passed...

CVSS 9.3, EPSS 0.0021
Exploits: 0, References: 2
CVE
• added 2026/06/18 11:37 p.m. • 76 views

CVE-2026-12048

CVE-2026-12048 affects pgAdmin 4 (versions 6.0 up to 9.16). Stored XSS occurs when untrusted server-returned text is passed through html-react-parser in multiple user-facing sinks (toasts, dialogs, explain visualiser, SQL editor prompts, etc.), allowing an attacker-controlled PostgreSQL server to...

CVSS 9.3, AI score 5.4, EPSS 0.0021
Exploits: 0, References: 2, Affected Software: 1
SUSE CVE
• added 2026/06/18 1:59 a.m. • 7 views

SUSE CVE-2026-12454

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 8.3, AI score 5.3, EPSS 0.00146
Exploits: 0, References: 3
Positive Technologies
• added 2026/06/18 12:0 a.m. • 20 views

PT-2026-50814

Name of the Vulnerable Software and Affected Versions: pgAdmin 4 versions 6.0 through 9.15. Description: Stored cross-site scripting exists in the error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server, such as ErrorResponse messages, object names in...

CVSS 9.3, AI score 5.9, EPSS 0.0021
Exploits: 0, References: 13
EUVD
• added 2026/06/17 6:35 p.m. • 7 views

EUVD-2026-37539

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 8.3, AI score 5.4, EPSS 0.00146
Exploits: 0, References: 3
CVE
• added 2026/06/17 1:38 a.m. • 18 views

CVE-2026-12454

Google Chrome on macOS is affected by CVE-2026-12454 due to a race in the Safe Browsing path of the Chromium rendering process. The issue could allow a remote attacker who has already compromised the renderer to escape the sandbox via a crafted HTML page. The vulnerability is tied to Chrome versi...

CVSS 8.3, AI score 5.4, EPSS 0.00146
Exploits: 0, References: 2, Affected Software: 1
Debian CVE
• added 2026/06/17 1:38 a.m. • 6 views

CVE-2026-12454

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 8.3, AI score 5.4, EPSS 0.00146
Exploits: 0
Positive Technologies
• added 2026/06/17 12:0 a.m. • 16 views

PT-2026-50204

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.155. Description: A race condition in the Safe Browsing component of Google Chrome on Mac allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escap...

CVSS 9.6, AI score 5.9, EPSS 0.00601
Exploits: 0, References: 42
OSV
• added 2026/06/16 11:6 p.m. • 2 views

OPENSUSE-SU-2026:20970-1 Security update for postgresql17

This update for postgresql17 fixes the following issues.
Security issues:
- CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172).
- CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173).
- CVE-2026-6474: Guard against malicious time zone...

CVSS 8.8, AI score 6.2, EPSS 0.00668
Exploits: 0, References: 22
OSV
• added 2026/06/16 11:5 p.m. • 2 views

SUSE-SU-2026:22149-1 Security update for postgresql17

This update for postgresql17 fixes the following issues.
Security issues:
- CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172).
- CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173).
- CVE-2026-6474: Guard against malicious time zone...

CVSS 8.8, AI score 6.2, EPSS 0.00668
Exploits: 0, References: 23
Fedora
• added 2026/06/16 1:3 a.m. • 19 views

[SECURITY] Fedora 44 Update: perl-Mojo-JWT-1.02-1.fc44

JSON Web Token is described in https://tools.ietf.org/html/rfc7519. Mojo::JWT implements that standard with an API that should feel familiar to Mojolicious users though of course it is useful elsewhere. Indeed, JWT is much like Mojolicious::Sessions except that the result is a URL-safe text strin...

AI score 5.3
Exploits: 0
OSV
• added 2026/06/15 8:2 p.m. • 8 views

GHSA-GVMJ-G25R-R7WR DOMPurify: SAFE_FOR_TEMPLATES bypass - template expressions survive sanitization inside <template> content when using DOM output modes

Summary: When DOMPurify is configured with both SAFE_FOR_TEMPLATES: true and RETURN_DOM: true or IN_PLACE: true, an attacker can inject template expressions, such as $evil, evil, or , that survive the sanitization pass inside element content. This bypasses the explicit purpose of SAFE_FOR_TEMPLATES, whi...

CVSS 5.1, AI score 5.8
Exploits: 0, References: 2
NVD
• added 2026/06/15 12:16 p.m. • 12 views

CVE-2026-34026

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...

CVSS 7.1, EPSS 0.00394
Exploits: 1, References: 2