CVE-2026-4697

CVE-2026-4697 concerns incorrect boundary conditions in the Audio/Video: Web Codecs component. Public advisories list affected products as Firefox (pre-149 and ESR 140.9), and Thunderbird alongside Firefox fixes. The issue is defined as a boundary-condition flaw in the WebCodecs path, with fixed ...

CVE-2026-4697 Incorrect boundary conditions in the Audio/Video: Web Codecs component

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4695

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4695 Incorrect boundary conditions in the Audio/Video: Web Codecs component

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4695

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4695

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4695

The CVE-2026-4695 entry concerns the Audio/Video: Web Codecs component and affects Firefox versions before 149 and Firefox ESR before 140.9. The root cause is described as incorrect boundary conditions in that component. Connected records (NVD/CVE lists) reiterate the same description. No explici...

CVE-2026-4695 Incorrect boundary conditions in the Audio/Video: Web Codecs component

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Mozilla多款产品 代码问题漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla -- Multiple vulnerabilities

CVE-2026-4688: Sandbox escape due to use-after-free in Disability Access APIs. CVE-2026-4695: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-4697: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-4700: Mitigation bypass in the...

SUSE CVE-2026-31883

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a sizet underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header...

CVE-2026-31884

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, division by zero in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign...

FreeRDP 数字错误漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a numerical error vulnerability. This vulnerability occurred when nBlockAlign was set to 0, resulting in a zero overflow error in the MS-ADPCM and IMA-ADP...

Chromium: CVE-2026-3544 Heap buffer overflow in WebCodecs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Fedora 44 : cef (2026-376794abc1)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-376794abc1 advisory. Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use...

CVE-2026-26955 FreeRDP has Out-of-bounds Write

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58057)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58057. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-58057...

Fedora 42 : chromium (2026-583eef79a8)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-583eef79a8 advisory. Update to 145.0.7632.75 CVE-2026-2441: Use after free in CSS CVE-2026-2313: Use after free in CSS CVE-2026-2314: Heap buffer overflow in Codecs...

[SECURITY] Fedora 42 Update: python-pyasn1-0.6.2-1.fc42

This is an implementation of ASN.1 types and codecs in the Python programming language...

[SECURITY] Fedora 43 Update: python-pyasn1-0.6.2-1.fc43

This is an implementation of ASN.1 types and codecs in the Python programming language...