203909 matches found
PT-2026-54394
Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 150.0.7871.47 Description A type confusion issue exists in the Bluetooth component. This allows an attacker located on the same local network segment to retrieve potentially sensitive information from...
PT-2026-54387
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Enterprise component allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...
PT-2026-54395
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in DevTools allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved by using ...
CVE-2026-52196
Summary of CVE-2026-52196 : A buffer overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313 stack arises in the gohead/sub_416f28 component, allowing a remote attacker to cause a denial of service. Affected product/version appears to be the nv518G nv518GV3 line; exact compound naming is as descr...
RHEL 10 : perl-IO-Compress (RHSA-2026:30860)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:30860 advisory. This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress...
PT-2026-53991
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated remote attacker can repeatedly send crafted connection requests to cause a memory leak. In single-process deployments, the memory consumption...
PT-2026-54423
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A type confusion issue exists in the CSS component, which allows a remote attacker to obtain potentially sensitive information from process memory by using a specially crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-6329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. Th...
Linux Distros Unpatched Vulnerability : CVE-2026-55958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an erro...
Linux Distros Unpatched Vulnerability : CVE-2026-13757
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a...
PT-2026-54123
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the USB component of Google Chrome on Mac. This flaw allows a remote attacker who has already compromised the renderer process to potentially achieve a...
PT-2026-54379
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in WebAppInstalls allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Recommendations Update Google...
mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()
A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...
mariadb: mbstream: Unauthorized file creation via path traversal
A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...
CVE-2026-7656 Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack
The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...
CVE-2026-57919
PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe \.\pipe\PBackupVSS with a DACL that grants GENERICREAD and GENERICWRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigge...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
kernel: net/sched: act_pedit: extend the writable skb range per key
A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
kernel: net/sched: act_pedit: extend the writable skb range per key
A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...