596 matches found
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846 Same-origin policy bypass in the CSS Parsing and Computation component
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...
CVE-2026-3846
CVE-2026-3846: A same-origin policy bypass in Firefox’s CSS Parsing and Computation component. Affected: Mozilla Firefox before 148.0.2. Root cause: bypass in CSS parsing/calculation logic. Impact: potential security restriction bypass (I: High per CVSS data). Status: fixed in Firefox 148.0.2; re...
CVE-2026-3846 Same-origin policy bypass in the CSS Parsing and Computation component
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
Firefox -- Same-origin policy bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2018400 reports: Same-origin policy bypass in the CSS Parsing and Computation component...
PT-2026-24212
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148.0.2 Description A bypass of the same-origin policy exists in the CSS Parsing and Computation component. This allows potentially malicious actors to circumvent security restrictions designed to isolate web pages fr...
UBUNTU-CVE-2025-61147
strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decodercontext::computeframedroptable...
AZL-78009 CVE-2026-27171 affecting package gpsbabel 1.8.0-4
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
ROS-20260205-73-0021
A vulnerability in the legitimizemnt function of the fs/namespace.c component of the Linux operating system kernel is related to incorrect computation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260202-73-0037
A vulnerability in the Linux operating system kernel is related to incorrect computation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260119-7396
A vulnerability in the nftablesapi.c component of the Linux operating system kernel is related to incorrect computation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
RustCrypto Utilities cmov: `thumbv6m-none-eabi` compiler emits non-constant time assembly when using `cmovnz`
Summary thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz portable version. I did not found any other target with the same behaviour but I did not go through all targets supported by Rust. Details It seems that, during mask computation, an LLVM...
GHSA-2GQC-6J2Q-83QP RustCrypto Utilities cmov: `thumbv6m-none-eabi` compiler emits non-constant time assembly when using `cmovnz`
Summary thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz portable version. I did not found any other target with the same behaviour but I did not go through all targets supported by Rust. Details It seems that, during mask computation, an LLVM...
Memory-Based Malware Detection under Limited Data Conditions: A Comparative Evaluation of TabPFN and Ensemble Models
Artificial intelligence and machine learning have significantly advanced malware research by enabling automated threat detection and behavior analysis. However, the availability of exploitable data is limited, due to the absence of large datasets with real-world data. Despite the progress of AI i...
CVE-2025-1673
A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash denial of service or an incorrect computation...
PT-2026-27390
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 115.34 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 Description A use-after-free issue exists in the CSS Parsing and...
CVE-2022-50865
In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog The type of skrcvbuf and sksndbuf in struct sock is int, and in tcpaddbacklog, the variable limit is caculated by adding skrcvbuf, sksndbuf and 64 1024, it may exceed the ma...
CVE-2023-29144
Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows a bypass of detection...