29728 matches found
CVE-2026-0902
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-0902
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-0902
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-0902
CVE-2026-0902 is an issue in V8 used by Google Chrome prior to version 144.0.7559.59, described as an inappropriate implementation that allows a remote attacker to perform an out-of-bounds memory read via a crafted HTML page. Connected feeds show Chromium/Chrome updates delivering a fix (Chromium...
CVE-2026-0902
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-0900
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-0900
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-0900
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-0900
CVE-2026-0900: In Chrome/Chromium, an inappropriate implementation in V8 prior to 144.0.7559.59 could allow a remote attacker to cause object corruption via a crafted HTML page. The issue is rated High (CVSS 8.8). References indicate fixes in Chromium/Chrome updates (e.g., Chromium 144.0.7559.59+...
CVE-2026-0899
Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-0899
Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
Updated thunderbird packages fix security vulnerabilities
Mitigation bypass in the DOM: Security component. CVE-2026-0877 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics component. CVE-2026-0879 Sandbox escape due to integer...
MGASA-2026-0013 Updated nss & firefox packages fix security vulnerabilities
Mitigation bypass in the DOM: Security component. CVE-2026-0877 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics component. CVE-2026-0879 Sandbox escape due to integer...
VulnCheck KEV: CVE-2025-20282
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks tha...
MiracleLinux 9 : kernel-5.14.0-427.31.1.el9_4 (AXSA:2024-8705:26)
"The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8705:26 advisory. kernel: phy: CVE-2024-26600 kernel: netfilter: multiple flaws CVE-2024-26808, CVE-2024-27065, CVE-2024-35899, CVE-2024-36005 kernel: cifs:...
AlmaLinux 8 : kernel-rt (ALSA-2026:0760)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0760 advisory. kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and...
Cisco Firepower Threat Defense Software Snort 3 Detection Engine DoS (cisco-sa-ftd-snort3-uAnUntcV)
According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection...
Stable Channel Update for Desktop
The Stable channel has been updated to 144.0.7559.96/.97 for Windows/Mac and 144.0.7559.96 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restrict...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 1 security fix: 473851441 High CVE-2026-1220: Race in V8. Reported by @p1nky4745 on 2026-01-07...
Server-Side Template Injection (SSTI) vulnerability exist in Genshi
Overview A Server-Side Template Injection SSTI vulnerability exists in the Genshi template engine due to unsafe evaluation of template expressions. Genshi processes template expressions using Python’s 'eval’ and ‘exec’ functions while allowing fallback access to Python built-in objects. If an...