205606 matches found
UBUNTU-CVE-2026-52726
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, dulwich.porcelain.submoduleupdate, and by extension porcelain.clone..., recursesubmodules=True, materializes attacker-controlled submodule paths from a crafted...
RockyLinux 8 : libyang (RLSA-2026:24545)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:24545 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...
ROS-20260611-73-0030
The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
[SECURITY] [DSA 6337-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6337-1 [email protected] https://www.debian.org/security/ Andres Salomon June 10, 2026 https://www.debian.org/security/faq -...
CVE-2026-52726
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, dulwich.porcelain.submoduleupdate, and by extension porcelain.clone..., recursesubmodules=True, materializes attacker-controlled submodule paths from a crafted...
CVE-2026-48292
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48303
Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...
CVE-2026-47914
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-47911
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-47912
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34700
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34697
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34699
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34702
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34706
InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34695
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34698
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
kernel: netfilter: nf_tables: release flowtable after rcu grace period on error
A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...
CVE-2026-46618
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...
EUVD-2026-36093
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...