5836 matches found
CVE-2026-10992
Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-10992
Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-10992
Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-6473
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from insufficient data validation...
PT-2026-45046
The current upstream main branch at commit 7e0206d was reviewed, and the fix-first patch set was rebased on 2026-05-18. The patches cover: validated and bound inactive-agent hour filtering; storage SQL identifier validation; metadata-backed ownership checks for raw storage SQL; blocking direct...
CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...
EUVD-2026-32767
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to promptly check the response data in the IPMI event message buffer. This could lead to...
PT-2026-43810
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the erofs component where compressed folios for ztailpacking pclusters are not validated before being added to I/O chains. This can lead to a NULL pointer dereference...
CVE-2026-43495
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...
CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
PowerDNS Authoritative 代码注入漏洞
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a code injection vulnerability, which stems from insufficient validation of member zone data, potentially leading to failed zone transfer operations...
Astra Linux - уязвимость в chromium
Insufficient data validation in Mojo in Google Chrome prior to version 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient data validation in the Updater component of Google Chrome prior to version 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation through a malicious file. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fixed parameter validation for packet data Since commit 9c328f54741b “net: nfc: nci: Added parameter validation for packet data”, communication with nci/nfc chips no longer works. The mentioned commit attempted to...
Astra Linux - уязвимость в chromium
Insufficient data validation in the new tab page of Google Chrome prior to version 96.0.4664.93 allowed a remote attacker to leak cross-origin data through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient data validation in Mojo in Google Chrome prior to version 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
[SECURITY] Fedora 44 Update: rust-rpki-0.18.6-4.fc44
A library for validating and creating RPKI data...