16840 matches found
Exploit for CVE-2026-29786
CVE-2026-29786 Research: Joshua van Rijswijkhttps://gi...
SUSE CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
RLSA-2026:3517 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.8.0 ESR MFSA 2026-15 bsc1258568: CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component CVE-2026-2758: Use-after-free in the JavaScript: GC component CVE-2026-2759:...
SUSE-SU-2026:0812-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.8.0 ESR MFSA 2026-15 bsc1258568: - CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component - CVE-2026-2758: Use-after-free in the JavaScript: GC component -...
PT-2026-33134
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A heap buffer overflow in ANGLE allows a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Recommendations Update to version 147.0.7727.101 or later...
PT-2026-23608
Name of the Vulnerable Software and Affected Versions node-tar versions prior to 7.5.10 Description The node-tar package contains a flaw where it can be tricked into creating a hardlink that points outside the extraction directory. This is achieved by using a drive-relative link target, such as...
Google Chrome < 145.0.7632.159 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 145.0.7632.159. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop advisory. - Insufficient data validation in Navigation in Google Chrome prior to...
Zed < 0.224.4 Multiple Path Traversal Vulnerabilities
The version of Zed installed on the remote host is prior to 0.224.4. It is, therefore, affected by multiple vulnerabilities: - A Zip Slip path traversal vulnerability exists in the extension archive extraction functionality. The extractzip function fails to validate ZIP entry filenames for path...
AlmaLinux 9 : thunderbird (ALSA-2026:3516)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3516 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...
Google Chrome < 145.0.7632.159 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 145.0.7632.159. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop advisory. - Insufficient data validation in Navigation in Google Chrome prior to...
EUVD-2026-9493
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3545
CVE-2026-3545 affects Google Chrome/Chromium prior to 145.0.7632.159. Description across connected sources notes insufficient data validation in Navigation can allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page, with high/critical impact per Chromium. The Debi...
CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...