73940 matches found
RLSA-2026:5942 Important: golang security update
The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For more details about the security issues, including...
EUVD-2026-19564
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
CVE-2026-20431
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
CVE-2026-20431
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
CVE-2026-20431
Summary: CVE-2026-20431 affects MediaTek-based Modem functionality where a logic error can cause a system crash, potentially enabling remote denial of service when a UE connects to a rogue base station. Exploitation reportedly requires no user interaction and can occur with adjacent access; no ad...
CVE-2026-20431
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
RLSA-2026:6036 Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in...
kernel security update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
PT-2026-31027
Name of the Vulnerable Software and Affected Versions Botan versions prior to 3.11.1 Description The Botan cryptography library contains a flaw in the Certificate Store::certificate known function. This function incorrectly identifies certificates, returning true if any certificate in the store h...
MediaTek Chipsets 缓冲区错误漏洞
MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain a buffer error vulnerability, which stems from the lack of boundary checks, leading to out-of-bound writes and potentially allowing for remote privilege escalation...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for unreliable inputs in the ANGLE library, which could allow remote attackers to...
Mozilla Firefox和Mozilla Thunderbird 缓冲区错误漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
ROS-20260407-73-0010
A vulnerability in the fs/hfsplus/xattr.c component of the Linux operating system kernel is related to state management errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2026-33817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt CVE-2026-33817 Note that Nessus relies on the presence of the package ...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after their release, which could allow remote attackers to execute arbitrary code within a...
Mozilla -- Incorrect boundary conditions, integer overflow
https://bugzilla.mozilla.org/showbug.cgi?id=2017867 reports: Incorrect boundary conditions, integer overflow in the Graphics: Text component...
PT-2026-31015
Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerability was identified in Plane's authentication flow where a user's email address is included as a query parameter in the URL during error handling e.g., when an invalid magic code is submitted. Transmitting personally...
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Threat actors leveraged Anthropic’s Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk...
SUSE CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
EUVD-2026-19472
SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...