178 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-14684
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file...
Linux Distros Unpatched Vulnerability : CVE-2026-14063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memor...
Linux Distros Unpatched Vulnerability : CVE-2026-13914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information fr...
DEBIAN-CVE-2026-13914
Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
DEBIAN-CVE-2026-13808
Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...
CVE-2026-14119
Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Low...
CVE-2026-13808
Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47 is affected by insufficient data validation that could allow a local attacker to read potentially sensitive information from process memory with physical device access. The issue is addressed in the Chrome 150/151 stable updates...
CVE-2026-49417
CVE-2026-49417 is part of two memory-safety issues in FreeBSD’s sound(4) mmap path. The advisories describe: (1) dsp_mmap_single() could overflow when validating a requested mapping, allowing a mapping to extend past the audio buffer into kernel memory (CVE-2026-45258), and (2) the audio buffer b...
CVE-2026-56117
dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...
Linux Distros Unpatched Vulnerability : CVE-2026-12216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file dukapibytecode.c. Executing a...
SAMSUNG Android USB Driver 安全漏洞
The SAMSUNG Android USB Driver is a driver program developed by South Korean company Samsung. Versions of the SAMSUNG Android USB Driver for Windows prior to 1.9.5.0 contain security vulnerabilities. These vulnerabilities stem from improper input validation, which may allow local attackers to...
CVE-2026-11281
Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. Chromium security severity: Low...
CVE-2026-11281
Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. Chromium security severity: Low...
CVE-2026-11183
Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
CVE-2026-11183
Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a buffer error vulnerability, which was caused by GWP-ASan out-of-bound reading. This vulnerability could allow local attackers to obtain potentially sensitive information from the process...
Linux Distros Unpatched Vulnerability : CVE-2026-9572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the...
Astra Linux – Vulnerability in Linux-Firmware
A GPU kernel can read sensitive data from another GPU kernel even from another user or application through an optimized GPU memory region called local memory on various architectures...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, from version 5.19.9 onwards, the drivers/scsi/stex.c file allows local users to access sensitive information from kernel memory. This occurs because the stexqueuecommandlck function lacks a memset for the PASSTHRUCMD case...
Claude SDK for TypeScript 安全漏洞
Claude SDK for TypeScript is an open-source development toolkit by Anthropic, designed for calling the Claude API using TypeScript. There were security vulnerabilities in versions of Claude SDK for TypeScript from 0.79.0 to 0.91.1. These vulnerabilities stemmed from BetaLocalFilesystemMemoryTool...