Lucene search
K

376 matches found

SUSE CVE
SUSE CVE
added 2026/07/03 3:25 a.m.8 views

SUSE CVE-2026-20217

A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in...

7.5CVSS7.3AI score0.00389EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/07/01 4:27 p.m.5 views

CVE-2026-20214

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...

7.5CVSS7.3AI score0.00463EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40575

Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00296EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-14065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer proces...

6.5CVSS6.2AI score0.00319EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.25 views

CVE-2026-13838

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00218EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 4:16 p.m.24 views

CVE-2026-13749

Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. An attacker could exploit this by supplying crafted project content that is interpolated into generate...

8.8CVSS0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 9:20 a.m.7 views

CVE-2026-13601

A flaw was found in Yelp due to an overly permissive Content Security Policy CSP implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document,...

7.1CVSS5.9AI score0.0012EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash...

8.8CVSS6.6AI score0.00559EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5, and iPadOS 18.7.5; iOS 26.3 and iPadOS 26.3; macOS Tahoe 26.3; and visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

8.8CVSS5.7AI score0.00295EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 1:16 a.m.14 views

CVE-2026-46546

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated user could supply specially crafted content in certain user-editable fields that, when surfaced in page metadata, caused visitors' browsers to navigate to...

5.4CVSS0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-46585

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Skia allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using a crafted HTML...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References437
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A properly crafted CMS message could be processed incorrectly, resulting in an invalid memory read and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

8.8CVSS7.1AI score0.00662EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been addressed through improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, iPadOS 16.4, tvOS 16.4, and watchOS 9.4. Processing maliciously crafted web content may bypass the Same Origin Policy...

5.5CVSS6.4AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been addressed through improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, and macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a...

8.8CVSS8.2AI score0.03692EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been resolved through improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1, and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.1AI score0.0141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

A logic issue was addressed through improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, as well as watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information...

6.5CVSS7AI score0.00905EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, and Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a repor...

8.8CVSS8AI score0.23788EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been resolved through improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3, and iPadOS 18.7.3; iOS 26.2 and iPadOS 26.2; macOS Tahoe 26.2; and visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

4.3CVSS7.6AI score0.32EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/16 1:14 a.m.14 views

SUSE CVE-2026-8578

Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00156EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/11 9:31 p.m.10 views

EUVD-2026-29254

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00393EPSS
Exploits0References2
Rows per page
Query Builder