CVE-2026-23130

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit 1 converted the management transmission work item into a wiphy work. Since a wiphy work can only run under wiphy lock protection, a race condition happens in bel...

SUSE-SU-2026:0521-1 Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: - CVE-2023-53321: wifi: mac80211hwsim: drop short frames bsc1250314. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bpftestrun not correctly calculating the allowed metadata size. This vulnerability may lead to...

SUSE CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2316

CVE-2026-2316 affects Google Chrome prior to 145.0.7632.45, where insufficient policy enforcement in Frames enables UI spoofing via a crafted HTML page. The impact is a remote attacker able to spoof UI through a crafted page. Remediation is Chrome update to 145.0.7632.45 or later, as noted in the...

Google Chrome < 145.0.7632.45 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 145.0.7632.45. It is, therefore, affected by multiple vulnerabilities as referenced in the 202602stable-channel-update-for-desktop10 advisory. - Use after free in Ozone. CVE-2026-2321 - Use after free in CSS...

Linux Distros Unpatched Vulnerability : CVE-2026-2316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

KLA90880 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 145.0.7632.45 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution within frames, which could lead to UI deception through specially crafted HTM...

nodejs: Nodejs denial of service

A denial of service flaw has been discovered in NodeJS. A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of...

CVE-2024-5986

A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the /3/Parse endpoint to inject attacker-controlled data as the header of an empty file, which is then exported using the...

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the /3/Parse and /3/Frames/framename/export endpoints. An attacker can overwrite arbitrary files on the server, including sensitive files such as private SSH keys or script files, by injecting...