157560 matches found
CVE-2026-11673
Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11643
Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...
CVE-2026-11629
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
Missing Release of Resource after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the nettyunixsocketrecvFd function. An attacker can cause file descriptor leaks by sending two file descriptors at once via a Unix domain socket, leading to resource exhaustion and...
GHSA-W573-9FFJ-6FF9 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...
CVE-2026-9669
bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...
CVE-2026-40215
A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...
GHSA-8X6R-G9MW-2R78 vulnerabilities
Vulnerabilities for packages: vitess...
GHSA-2J2X-HQR9-3H42 vulnerabilities
Vulnerabilities for packages: vitess...
CVE-2026-42342 vulnerabilities
Vulnerabilities for packages: vitess...
CVE-2026-42211 vulnerabilities
Vulnerabilities for packages: vitess...
CVE-2026-40181 vulnerabilities
Vulnerabilities for packages: vitess...
GHSA-5XRQ-8626-4RWP vulnerabilities
Vulnerabilities for packages: vitess...
CVE-2026-47429 vulnerabilities
Vulnerabilities for packages: vitess...
GHSA-49RJ-9FVP-4H2H vulnerabilities
Vulnerabilities for packages: vitess...
GHSA-R5M4-5VWW-W9F5 vulnerabilities
Vulnerabilities for packages: gdal...
CVE-2026-8088 vulnerabilities
Vulnerabilities for packages: gdal...
CVE-2026-8087 vulnerabilities
Vulnerabilities for packages: gdal...
GHSA-J3F5-RW74-G4RV vulnerabilities
Vulnerabilities for packages: gdal...