15629 matches found
CVE-2026-10881
Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
USN-8393-1 linux-azure-fips vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
USN-8393-1: Linux kernel (Azure FIPS) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
USN-8392-1 linux-aws-5.4, linux-hwe-5.4 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
USN-8391-1 linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
USN-8390-1: Linux kernel vulnerability
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8390-1 linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8389-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8389-1 linux, linux-aws, linux-aws-fips, linux-azure, linux-azure-5.4, linux-azure-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8388-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
RLSA-2026:21380 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...
PT-2026-46809
Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
PT-2026-46694
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebView allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...
PT-2026-46685
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Downloads allows a local attacker to potentially perform a sandbox escape, which is a process of breaking out of a restricted...
PT-2026-46610
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A race condition in the GPU component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved...
PT-2026-46541
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in Serial. A remote attacker who has compromised the renderer process can potentially perform a sandbox escape by using a crafted HTML page. Use...
PT-2026-46558
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Drag and Drop feature allows a remote attacker who has compromised the renderer process to potentially perform a sandbox...
PT-2026-46482
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Core allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use aft...
PT-2026-46690
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Messages allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw...
PT-2026-46639
Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Chromoting allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...