Lucene search
K

29728 matches found

OSV
OSV
added 2026/02/19 10:10 a.m.9 views

USN-8033-7 linux-intel-iotg-5.15, linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS7AI score0.00248EPSS
Exploits4References115
Ubuntu
Ubuntu
added 2026/02/19 10:10 a.m.11 views

USN-8033-7: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS8.2AI score0.00248EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2026/02/19 10:4 a.m.5 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

10CVSS6.4AI score0.00618EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 10:4 a.m.4 views

CVE-2025-12107 Potential authenticated Server-Side Template Injection (SSTI) vulnerability.

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

8.4CVSS6.4AI score0.00618EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 10:4 a.m.23 views

CVE-2025-12107

CVE-2025-12107 is linked to a server-side template injection (SSTI) vulnerability in a vulnerable third-party Velocity template engine used by WSO2 Identity Server. An attacker with administrative privileges can inject and execute arbitrary template code on the server, potentially leading to remo...

8.4CVSS6.3AI score0.00618EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.5 views

WSO2 Identity Server 安全漏洞

WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a security vulnerability that stems from the use of a vulnerable third-party Velocity template engine. This vulnerability could allow attackers with administrative privileges...

8.4CVSS6.3AI score0.00618EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.6 views

PT-2026-20796

Name of the Vulnerable Software and Affected Versions versions prior to Feb. 19, 2026 Description The software uses a vulnerable third-party Velocity template engine, allowing a malicious actor with admin privilege to inject and execute arbitrary template syntax within server-side templates...

10CVSS6AI score0.00618EPSS
Exploits0References8
OSV
OSV
added 2026/02/18 10:16 p.m.1 views

CVE-2026-2649

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/02/18 9:39 p.m.3 views

CVE-2026-2649

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.7AI score0.00642EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/18 9:39 p.m.8 views

CVE-2026-2649

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.5AI score0.00642EPSS
Exploits0
CVE
CVE
added 2026/02/18 9:39 p.m.30 views

CVE-2026-2649

CVE-2026-2649 affects Chromium-based browsers (Google Chrome/Chromium) via an integer overflow in the V8 engine before 145.0.7632.109, allowing remote heap corruption through a crafted HTML page. Affected products/versions include Chromium releases up to 145.0.7632.109 (various OS package updates...

8.8CVSS5.7AI score0.00642EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/18 9:39 p.m.5 views

CVE-2026-2649

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.7AI score0.00642EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2026/02/18 11:0 a.m.9 views

“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities

A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection RDP on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a "good enough" emulation approach. By focusing on emulating only the single thread responsible for Modbus protocol handli...

8.6CVSS6AI score0.0037EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/18 1:41 a.m.4 views

CVE-2025-70830

A Server-Side Template Injection SSTI vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field...

9.9CVSS6.3AI score0.01002EPSS
Exploits0References1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2026/02/18 12:0 a.m.12 views

Stable Channel Update for Desktop

The Stable channel has been updated to 145.0.7632.109/110 for Windows/Mac and 145.0.7632.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

8.8CVSS8.4AI score0.00642EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 145.0.7632.109 contained a security vulnerability, which was caused by integer overflow in the V8 component, potentially leading to heap corruption...

8.8CVSS7.5AI score0.00642EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2026/02/18 12:0 a.m.5 views

KLA90896 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in PDFium can be exploited to cause denial of service. 2...

8.8CVSS6.3AI score0.00642EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.1 views

Google Chrome < 145.0.7632.109 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 145.0.7632.109. It is, therefore, affected by multiple vulnerabilities as referenced in the 202602stable-channel-update-for-desktop18 advisory. - Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109...

8.8CVSS7.7AI score0.00642EPSS
Exploits0References7
Amazon
Amazon
added 2026/02/18 12:0 a.m.7 views

Important: firefox

Issue Overview: Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox 146. CVE-2025-14327 Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox 147, Firefox ESR 115.32, and Firefox ESR 140.7. CVE-2026-0877 Sandbox escape due to incorrec...

9.8CVSS6AI score0.0057EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/17 6:20 p.m.6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.1 Release.

Red Hat OpenShift Dev Spaces 3.26.1 has been released. 3.26.1 includes CVE fixes for CVE-2025-15467, CVE-2025-6176, CVE-2026-1761, CVE-2026-0719, CVE-2025-61732, and CVE-2025-61726. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams an...

9.8CVSS6.9AI score0.47621EPSS
Exploits7References8
Rows per page
Query Builder