DEBIAN-CVE-2026-9930

Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2026-9930

Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2026-9930

Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2026-9930

CVE-2026-9930 affects the Dawn component of Google Chrome on macOS. A crafted HTML page can trigger an out-of-bounds write in Dawn, allowing a remote attacker to perform an out-of-bounds memory write. The issue is tied to Chrome versions before 148.0.7778.216. No exploitation details are provided...

CVE-2026-9930

Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

PT-2026-44638

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.216 Description An out of bounds write exists in Dawn, which allows a remote attacker to perform an out of bounds memory write by using a crafted HTML page. An out of bounds write occurs when a...

PT-2026-47112

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj jp2 read header may lead to OOB heap memory write when the data stream p stream is too short and p image is not initialized...

OESA-2026-2435 dnsmasq security update

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...

Astra Linux - уязвимость в php7.3

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25, and 8.0.x below 8.0.12, when running PHP FPM SAPI with the main FPM daemon process running as the root user and child worker processes running as lower-privileged users, it is possible for the child processes to access memory...

Astra Linux - уязвимость в chromium

In Google Chrome on Linux and ChromeOS before version 92.0.4515.107, an attacker who convinced a user to install a malicious extension could perform an out-of-bounds memory write by using a crafted HTML page. This vulnerability allowed the attacker to execute such an operation...

Astra Linux - уязвимость в chromium

Before version 91.0.4472.77, TabStrip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write through a crafted HTML page...

Astra Linux - уязвимость в ntfs-3g

In NTFS-3G versions 2021.8.22, when specially crafted NTFS attributes are read in the function ntfsattrpreadi, a heap buffer overflow can occur, allowing for writing to arbitrary memory or causing denial of service for the application...

Astra Linux - уязвимость в chromium

Before the release of 90.0.4430.212, writing out-of-bounds data using TabStrip in Google Chrome allowed an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory write through a crafted HTML page and a crafted Google Chrome extension...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the overloading of the meaning of MEMUNINIT Lonial reported an issue in the BPF verifier, where checkmemsizereg contains the following code: c if !tnumisconstreg-varoff / For unprivileged variable accesses, disable raw...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: The ioaw hook was defined as mmiowb. The commit fb24ea52f78e0d595852e states that “drivers: Explicit invocations of mmiowb were removed.” All occurrences of mmiowb in drivers were removed. However, it is noted that:...

Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A out-of-bounds write vulnerability was identified in the converttos3341a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loop...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed a bug where a missing return value check was present. In the smb2sendinterimresp function, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an...

BIT-MONGODB-2026-8053 FlatBSON Duplicate Field Index Drift

An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping within the time-series...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021480 advisory. A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the...

CVE-2025-29938

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...