6877 matches found
CVE-2026-3012
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...
PT-2026-43797
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the MCTP Management Component Transport Protocol implementation where RTM GETNEIGH requests return uninitialized data within the padding bytes of the ndmsg data. This...
Efficient and Quantum-Safe Internet Key Exchange Protocols for Satellite Communications
This paper studies cryptographic key exchange in satellite communications, which requires specific solutions because the satellite context presents unique challenges, particularly concerning onboard resource constraints and long transmission latency. We address these challenges by considering the...
Google Chrome 竞争条件问题漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a competitive condition vulnerability, which was caused by WebRTC competitive conditions. This vulnerability could allow remote attackers to leak cross-source data through specially...
Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-060 (ALASFIREFOX-2026-060)
The version of firefox installed on the remote host is prior to 140.10.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-060 advisory. In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of...
PT-2026-43234
An Allocation of Resources Without Limits or Throttling vulnerability in the OPC-UA Server used in PPT30 Operating System versions before 1.8.0 may be used by an unauthenticated network-based attacker to permanently prevent legitimate users from interacting with the service...
CVE-2026-9274
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
CVE-2026-9274
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
CVE-2026-9274 Information Exposure Vulnerability in CP-Plus Wi-Fi Camera
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
EUVD-2026-31661
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
Fedora 44 : chromium (2026-c758d44a9a)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c758d44a9a advisory. Update to 148.0.7778.178 CVE-2026-9111: Use after free in WebRTC CVE-2026-9110: Inappropriate implementation in UI CVE-2026-9112: Use after free in...
CVE-2026-9111
Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9119
Heap buffer overflow in WebRTC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-9119
CVE-2026-9119 describes a heap buffer overflow in WebRTC within Google Chrome prior to 148.0.7778.179, leading to potential remote code execution in the browser sandbox via a crafted HTML page. Affected component is Chrome's WebRTC stack; root cause is a heap buffer overflow. Impact stated: remot...
Astra Linux – Vulnerability in Chromium
Before version 110.0.5481.77, a out-of-bounds read in WebRTC within Google Chrome allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed an illegal access to rmbdesc during SMC-D connection dumping. A crash was detected when dumping SMC-D connections. This issue can be reproduced by performing the following steps: 1. Run the nginx/wrk test: smcrun...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check for struct nfctarget arrays While running with CONFIGFORTIFYSOURCE=y, syzkaller reported the following issue: memcpy: A field-spanning write was detected size 129 of the single field “target-sensfres” at...
Astra Linux – Vulnerability in Chromium
Before version 89.0.4389.90, using free after in WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10
A flaw in the Linux kernel’s implementation of the RDMA communication manager listener code allowed an attacker with local access to set up a socket to listen on a high port. This allowed for a memory element to be used after it was freed. With the ability to execute code, a local attacker could...
firefox: thunderbird: Use-after-free in the WebRTC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC component...