2317 matches found
EUVD-2026-40624
Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13938
Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13938
Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13938
CVE-2026-13938 affects Google Chrome fonts handling prior to 150.0.7871.47. The underlying issue is an integer overflow in the Fonts component that enables a remote attacker to induce an out-of-bounds memory write via a crafted HTML page. The vulnerability is described with a Chromium-derived sev...
CVE-2026-13938
Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-38571
Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...
CVE-2026-38571
Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebAudio in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in glib2.0
A flaw was discovered in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculations, the library may incorrectly calculate buffer boundaries. This can lead to memory writes outside of the allocated buffer. Applications...
CVE-2026-56115 Bootimus 0.1.70 Broken Access Control via JWTMiddleware Authorization Bypass
Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function in internal/auth/auth.go, which validates JWT tokens and account status but...
Astra Linux – Vulnerability in Chromium
In Mojo within Google Chrome, before version 99.0.4844.51, unauthorized memory access allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page...
Astra Linux – Vulnerability in PHP 7.3
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25, and 8.0.x below 8.0.12, when running PHP FPM SAPI with the main FPM daemon process running as the root user and child worker processes running as lower-privileged users, it is possible for the child processes to access memory...
Astra Linux – Vulnerability in Chromium
In Google Chrome on Linux and ChromeOS before version 92.0.4515.107, an attacker who convinced a user to install a malicious extension could perform an out-of-bounds memory write by using a crafted HTML page. This vulnerability allowed the attacker to execute such an operation...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw was discovered in KVM. When updating a guest’s page table entry, vmpgoff was incorrectly used as the offset to obtain the page’s pfn. Since vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.77, TabStrip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write through a crafted HTML page...
Astra Linux – Vulnerability in Linux
A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: The ioaw hook was defined as mmiowb. The commit fb24ea52f78e0d595852e states that “drivers: Explicit invocations of mmiowb were removed.” All occurrences of mmiowb in drivers were removed. However, it is noted that:...
Astra Linux – Vulnerability in Chromium
Before the release of 90.0.4430.212, writing out-of-bounds data using TabStrip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write through a crafted HTML page and a crafted Google Chrome extension...
Astra Linux – Vulnerability in ntfs-3g
In NTFS-3G versions 2021.8.22, when specially crafted NTFS attributes are read in the function ntfsattrpreadi, a heap buffer overflow can occur, allowing for writing to arbitrary memory or causing denial of service for the application...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in Dawn in Google Chrome prior to version 125.0.6422.76 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...