9042 matches found
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Networking component...
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
firefox: thunderbird: Use-after-free in the Networking: HTTP component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...
kernel: net: atm: fix crash due to unvalidated vcc pointer in sigd_send()
A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM networking component. A local attacker, by acting as a malicious signaling daemon, could send a specially crafted message containing an unvalidated pointer. This unvalidated pointer would be directly used by the kernel, leading...
CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Networking component...
CVE-2026-53292
A flaw was found in the Linux kernel's phonet networking subsystem. A local user could trigger a kernel panic by sending a specially crafted message, leading to a denial of service. This occurs because the pnsocketautobind function incorrectly assumes a socket is already bound when pnsocketbind...
neigh: let neigh_xmit take skb ownership
...
PT-2026-53076
Name of the Vulnerable Software and Affected Versions Zephyr versions 3.6.0 through 4.4.0 Description An out-of-bounds write exists in the IP socket recvmsg implementation within the insert pktinfo function. The issue occurs because the system validates the user-supplied ancillary msg control...
EulerOS 2.0 SP15 : kernel (EulerOS-SA-2026-2485)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 bpf: Fix undefined behavior in interpreter sdiv/smod for INTMINCVE-2026-31525...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: google-guest-agent-manager, gitlab-runner, omnictl-multiarch-fips, knative-serving-fips, crossplane-provider-aws-ecs, fscrypt, gitlab-cng-fips, crossplane-provider-aws-rds, etcd, chainloop-control-plane, chisel-fips, step-issuer-fips,...
RLSA-2026:29703 Important: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
CVE-2026-53223
A flaw was found in the Linux kernel's networking component. This vulnerability allows a remote attacker to potentially access sensitive information or cause system instability. By sending specially crafted network packets, an attacker can exploit an issue in how the kernel handles timestamping f...
CVE-2026-53191
A flaw was found in the Linux kernel's iouring networking component. During bundle receive retries, an issue with inheriting the IORINGCQEFBUFMORE flag can cause the userspace to incorrectly advance the ring head. This memory handling error could lead to information disclosure or potentially allo...
[SECURITY] Fedora 44 Update: perl-Socket-2.041-1.fc44
This Perl module provides a variety of constants, structure manipulators and other functions related to socket-based networking. The values and functions provided are useful when used in conjunction with Perl core functions such as socket, setsockopt and bind. It also provides several other suppo...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2026:2583-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2583-1 advisory. Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. -...
CVE-2026-52984
A flaw was found in the Linux kernel's networking scheduler netem. The queue limit check in the netemenqueue function does not properly account for reordered packets, allowing the total queue occupancy to exceed its configured limit. This oversight can lead to a Denial of Service DoS condition,...
CVE-2026-53079
A flaw was found in the Linux kernel's networking scheduler netsched. When the network stack cleans up deferred packet lists, if the root queueing discipline qdisc does not implement the TCQFDEQUEUEDROPS flag, packets intended for release are not freed. This can lead to a memory leak, potentially...
CVE-2026-53264
A flaw was found in the Linux kernel's networking scheduler. A race condition, which is a problem that occurs when multiple operations try to access the same resource at the same time, exists when network filter operations are run concurrently. This can lead to a Use-After-Free UAF vulnerability,...