73819 matches found
Google Chrome Input Validation Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in iOS, which could allow remote attackers to exploit UI deception...
Google Chrome Input Validation Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation by the FileSystem, which could allow remote attackers to execute...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in TopChrome, which could allow remote attackers to execute a sandbox esca...
PT-2026-37318
Name of the Vulnerable Software and Affected Versions: vLLM versions 0.6.1 through 0.19.x. Description: A Token Injection issue exists in the multimodal processing of vLLM. Unauthenticated, text-only prompts containing special tokens are interpreted as control commands. When image and video...
Linux kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the platform_get_irq_byname function returning an int value. This value is passed directly to the...
PT-2026-36992
Name of the Vulnerable Software and Affected Versions: Apache Thrift versions prior to 0.23.0. Description: Apache Thrift contains multiple issues, including an origin validation error, improper limitation of a pathname to a restricted directory (Path Traversal), improper neutralization of CRLF...
Linux kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a type confusion in the l2cap_ecred_reconf_rsp function. This vulnerability may lead to valid packets being...
PT-2026-37065
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A type confusion issue exists in the Bluetooth L2CAP component within the l2cap_ecred_reconf_rsp function. The function incorrectly casts incoming data to struct l2cap_ecred_conn_rsp...
Google Chrome Input Validation Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trust-based input validation in Cast, which could allow a remote attacker with access...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reusing of resources after they were released in Chromoting, which could allow remote attackers to execute...
Open vSwitch Security Vulnerability
Open vSwitch is a virtual switch developed as part of the Collaborative Project. There is a security vulnerability in Open vSwitch. This vulnerability arises when configuring conntrack streams that use FTP auxiliary programs. A remote attacker can send a specially crafted FTP stream, resulting in...
Linux Distros Unpatched Vulnerability : CVE-2026-43008
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio. devm_regmap_init_mmio returns an...
Linux kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hci_ll driver failing to release the firmware during a firmware download error path, potential...
PT-2026-37069
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A memory leak occurs in the ext4 file system within the ext4_fc_replay_inode function. The function calls ext4_get_fc_inode_loc to obtain the inode location, which creates a reference to...
Modsecurity Buffer Error Vulnerability
Modsecurity is an open-source web traffic security processing library developed by OWASP ModSecurity. Versions of Modsecurity prior to 3.0.15 contained a buffer error vulnerability. This vulnerability arises from using the t:hexDecode conversion in rule checks for query string parameters containi...
ROS-20260505-73-0071
A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Eclipse OpenJ9 Buffer Error Vulnerability
Eclipse OpenJ9 is a Java application engine developed by the Eclipse Foundation. This product is primarily used for running Java applications. Versions of Eclipse OpenJ9 from 0.21 to 0.58 contain a buffer error vulnerability. This vulnerability allows pre-authenticated remote attackers to cause t...
X.Org X Server Buffer Error Vulnerability
The X.Org X Server is an X Window system display server developed by the X.Org Foundation. The X.Org X Server has a buffer error vulnerability, which stems from out-of-bounds read accesses in the XKB geometry processing involving the CheckSetGeom and XkbAddGeomKeyAlias functions. This vulnerabili...
PT-2026-37075
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: An issue exists in the drm/vc4 component where the function platform_get_irq_byname returns an integer. This function can return a negative value when an error occurs; however, this valu...
PT-2026-37066
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A flaw exists in the XFS file system where the xfs_attri_recover_work function incorrectly calls irele after a failure in iget. Because xlog_recovery_iget functions do not set the @ip...