Lucene search
K

2721 matches found

OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-13980

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-13966

Inappropriate implementation in History in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References1
OSV
OSV
added 3 days ago5 views

DEBIAN-CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References1
Debian
Debian
added 5 days ago7 views

[SECURITY] [DSA 6370-1] xorg-server security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6370-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 27, 2026 https://www.debian.org/security/faq -...

7.8CVSS5.8AI score0.00165EPSS
Exploits0
Debian
Debian
added last week12 views

[SECURITY] [DSA 6365-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6365-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 25, 2026 https://www.debian.org/security/faq -...

9.2CVSS6AI score0.00732EPSS
Exploits10
OSV
OSV
added last week3 views

DEBIAN-CVE-2026-53211

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

5.7AI score0.00173EPSS
Exploits0References1
OSV
OSV
added last week2 views

DEBIAN-CVE-2026-53199

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN. Entries for the RNDIS header and the skb linear data come from...

7.5CVSS5.9AI score0.0053EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 7:17 p.m.3 views

DEBIAN-CVE-2026-13023

Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.9AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS5.7AI score0.00132EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 5:17 p.m.3 views

DEBIAN-CVE-2026-56113

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6.5CVSS5.9AI score0.00175EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 4:17 p.m.6 views

DEBIAN-CVE-2026-55767

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS5.9AI score0.00111EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.4 views

Debian dsa-6362 : gir1.2-gst-plugins-bad-1.0 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6362 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6362-1 [email protected] https://www.debian.org/securit...

7.1CVSS6.3AI score0.00307EPSS
Exploits0References8
OSV
OSV
added 2026/06/22 6:16 p.m.6 views

DEBIAN-CVE-2026-54278

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References1
Debian
Debian
added 2026/06/21 5:26 p.m.6 views

[SECURITY] [DSA 6359-1] gst-plugins-good1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6359-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 21, 2026 https://www.debian.org/security/faq -...

8.8CVSS6.2AI score0.00828EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.7 views

Debian dsa-6355 : ata-modules-6.12.90+deb13-armmp-di - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6355 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6355-1 [email protected] https://www.debian.org/securit...

9.8CVSS6.6AI score0.00441EPSS
Exploits11References108
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.5 views

Debian dsa-6360 : squid - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6360 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6360-1 [email protected] https://www.debian.org/securit...

9.2CVSS5.9AI score0.08942EPSS
Exploits1References10
OSV
OSV
added 2026/06/19 6:17 a.m.6 views

DEBIAN-CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

6.9CVSS6.1AI score0.00088EPSS
Exploits0References1
Debian
Debian
added 2026/06/18 6:44 p.m.7 views

[SECURITY] [DSA 6351-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6351-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2026 https://www.debian.org/security/faq -...

9.6CVSS6.1AI score0.00476EPSS
Exploits0
Debian
Debian
added 2026/06/17 6:1 p.m.6 views

[SECURITY] [DSA 6350-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6350-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 17, 2026 https://www.debian.org/security/faq -...

9.6CVSS5.6AI score0.00476EPSS
Exploits0
OSV
OSV
added 2026/06/16 8:16 a.m.3 views

DEBIAN-CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

7.8CVSS5.5AI score0.00259EPSS
Exploits9References1
Rows per page
Query Builder