847 matches found
[SECURITY] Fedora 44 Update: libre-4.8.1-1.fc44
Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...
CVE-2026-11068
Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11068
Summary: CVE-2026-11068 is a use-after-free in Chrome’s WebSockets implementation that could allow remote code execution inside a sandbox. The issue affects Google Chrome builds prior to version 149.0.7827.53. The vulnerability description across multiple sources aligns on the same root cause and...
CVE-2026-11068
Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
PT-2026-46596
Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-27853
The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows its authentication to be bypassed. The WDU web site only performs authentication with the client within the client's browser. The WebSockets used to communicate with the WDU server do not enforce any authentication. An...
PT-2026-39754
Name of the Vulnerable Software and Affected Versions Next.js versions 15.2.0 through 15.5.17 Next.js versions 16.0.0 through 16.2.5 Description A flaw exists where a previous security fix was not correctly applied to middleware.ts when used in conjunction with Turbopack, a high-performance...
Missing Origin Validation in WebSockets
Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via inadequate validation of the Origin header during WebSocket connection upgrades. An attacker can gain unauthorized access to sensitive log data by convincing an authenticated user to visit a...
MAL-2026-3347 Malicious code in gemini-analyzer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a...
Exploit for CVE-2025-68930
🔍 Análisis del CVE-2025-68930: Vulnerabilidad de Secuestro de...
Astra Linux - уязвимость в chromium
Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
[SECURITY] Fedora 44 Update: mingw-qt6-qtwebsockets-6.10.3-1.fc44
This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...
Missing Origin Validation in WebSockets
Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...
Missing Origin Validation in WebSockets
Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...
BIT-GITLAB-2026-5173 Exposed Dangerous Method or Function in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control...
Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-5919
An insufficient validation of untrusted input flaw was found in the WebSockets component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483423893...
SUSE CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-20754
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-5919
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer...