CVE-2026-25258 Out-of-bounds Read in DSP Service

Memory corruption while processing IOCTL calls for escape operations...

CVE-2026-25258 Out-of-bounds Read in DSP Service

Memory corruption while processing IOCTL calls for escape operations...

CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

CVE-2019-25718

Affected product: Dräger Infinity Explorer C700. Vulnerability: privilege escalation allowing kiosk-mode escape to reach the underlying OS via a specific dialog interaction. Impact: attacker can break out of kiosk mode, gain OS control, and cause the Delta Family patient monitor display to show i...

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

CVE-2026-45803

A flaw was found in GitHub CLI. A remote attacker who can influence GitHub Actions workflow log output could inject terminal escape sequences into workflow logs. When a user views these logs using gh run view --log or gh run view --log-failed, the injected sequences may be replayed by the user's...

USN-8351-1 linux-lowlatency vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8351-1: Linux kernel (Low Latency) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8350-1: Linux kernel (NVIDIA Tegra) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

Containers on fire: from container escapes to supply chain attacks

Introduction Modern infrastructures universally rely on containerization to deploy applications, scale services, and build cloud platforms. The use of Docker, Kubernetes, and similar technologies has become the corporate standard for efficient automation. However, as containers grow in popularity...

webkitgtk: A malicious website may be able to process restricted web content outside the sandbox

A flaw was found in WebKitGTK. A maliciously crafted web page may be able to process restricted web content outside the sandbox due to improper memory handling...

PT-2026-45490

Summary EntryPoint::FromStr in rattler conda types performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

PT-2026-45655

Memory corruption while processing IOCTL calls for escape operations...

PT-2026-45627

Name of the Vulnerable Software and Affected Versions Dräger Infinity Explorer C700 affected versions not specified Description A privilege escalation issue allows attackers to break out of kiosk mode—a restricted user interface that limits access to specific applications—and access the underlyin...