CVE-2026-10099

XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocketreceiveworker routine of simplehttpserver.py that allows attackers to cause corrupted application data by sending unmasked WebSocket frames. The server unconditionally reads 4 bytes as a masking key regardless of...

Linux Distros Unpatched Vulnerability : CVE-2025-39988

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit...

Brave Android 1.79.119 Security Fixes

Added a conditional host check in binding handlers as reported on HackerOne by newfunction. - Added frame host check for Leo IAP in binding receivers as reported on HackerOne by newfunction. Upgraded Chromium to 137.0.7151.68 — refer to Google Chrome advisories for inherited CVEs...

Linux kernel vulnerabilities CVE-2024-41090 and CVE-2024-41091

Brocade Security has investigated the two CVEs below related to Linux Kernel. CVE-2024-41090 Description In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in t...

UBUNTU-CVE-2016-1661

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a...