Lucene search
K

8016 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the mm, slab context, slab-objexts should always be cleaned up after allocation. When memory allocation profiling is disabled at runtime or due to an error, the shutdownmemprofiling function is called. In this case, slab-objex...

7.8CVSS6.4AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using “After Free” in Google Chrome extensions allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through specific UI interactions...

8.8CVSS6.8AI score0.00557EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.7AI score0.00712EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 87.0.4280.88, using extensions in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

9.3CVSS8.1AI score0.0124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Extensions in Google Chrome before version 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00645EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS6.9AI score0.00577EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevents attempts to reclaim poisoned pages TL;DR: In SGX, when pages are reclaimed, their contents are copied to secondary storage. SGX instructions do not properly handle machine checks. Nevertheless, existing SGX code...

5.5CVSS6AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00353EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.00621EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/19 10:5 a.m.9 views

CVE-2026-12017

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Extensions. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516797143...

8CVSS5.8AI score0.00208EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/19 9:1 a.m.7 views

CVE-2026-12467

An use after free flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520202726...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/19 8:50 a.m.10 views

CVE-2026-12456

An insufficient validation of untrusted input flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517124587...

8.1CVSS5.8AI score0.00137EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/19 8:50 a.m.7 views

CVE-2026-12457

An insufficient data validation flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517153117...

7.4CVSS5.8AI score0.00136EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/19 8:50 a.m.7 views

CVE-2026-12445

An use after free flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513199795...

7.5CVSS5.8AI score0.00158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/19 12:0 a.m.27 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

0.00445EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50877

Name of the Vulnerable Software and Affected Versions Microsoft HEIF Image Extensions version 1.2.22.0 Description An out-of-bounds read occurs because the CHEIFItemInfoEntry GetDataSize function can return a success status while leaving the reported data size at 0. This leads a caller to perform...

9.1CVSS6AI score0.00445EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/19 12:0 a.m.8 views

EUVD-2025-210287

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

6AI score0.00445EPSS
Exploits1References1
CVE
CVE
added 2026/06/19 12:0 a.m.13 views

CVE-2025-62821

CVE-2025-62821 affects Microsoft HEIF Image Extensions 1.2.22.0. The issue is an out-of-bounds read caused by CHEIFItemInfoEntry_GetDataSize returning success while reporting data size as 0, leading to a 1-byte allocation. Later, CopyPixels computes copy_size = stride * abs(roi_height) without va...

9.1CVSS6AI score0.00445EPSS
Exploits1References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/18 2:0 a.m.9 views

SUSE CVE-2026-12445

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS5.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.7 views

SUSE CVE-2026-12467

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00222EPSS
Exploits0References3
Rows per page
Query Builder