2291 matches found
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
CVE-2026-34718
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the HTML sanitizer for ticket articles was missing proper sanitization of data: ... URI schemes, resulting in storing such malicious content in the database of the Zammad instance. The Zammad GUI is...
CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may disclose internal states of the app
A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
Crash during DNSSEC validation of malicious content
...
CVE-2025-31985
CVE-2025-31985 affects HCL BigFix Service Management (SM). The issue is a security misconfiguration caused by a missing or insecure X-Content-Type-Options header, which could allow browsers to perform MIME-type sniffing and potentially cause malicious content to be interpreted and executed incorr...
CVE-2026-42959
NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...
Astra Linux - уязвимость в webkit2gtk
This issue has been addressed through improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5, iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, and watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Monterey 12.3, iOS 15.4, iPadOS 15.4, tvOS 15.4, and Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code...
Astra Linux - уязвимость в webkit2gtk
A logic issue has been addressed through improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1, and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information...
Astra Linux - уязвимость в webkit2gtk
This issue has been resolved through improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, and watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...
Astra Linux - уязвимость в webkit2gtk
Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, and Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15, and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
This issue has been resolved through improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, and watchOS 11.1. Processing maliciously crafted web content may prevent the Content Security Policy from...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, and macOS Monterey 12.2. Processing maliciously crafted web content may lead to...