2509 matches found
CVE-2026-5274
Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
CVE-2026-5274
CVE-2026-5274 is a Chrome/Chromium vulnerability: an integer overflow in Codecs allows a remote attacker to perform arbitrary read/write through a crafted HTML page. Affected software includes Google Chrome prior to version 146.0.7680.178 (with references to Chromium fixes). The issue is describe...
CVE-2026-5274
Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
CVE-2026-5274
Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
In Tint, reading and writing outside the allowed boundaries in Google Chrome on a Mac before version 145.0.7632.116 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...
PT-2026-29570
Name of the Vulnerable Software and Affected Versions llama.cpp versions prior to b8492 Description A logic bug in the RPC backend's deserialize tensor function allows an unauthenticated attacker to read and write arbitrary process memory. This occurs because bounds validation is skipped when a...
Linux Distros Unpatched Vulnerability : CVE-2026-5274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium...
Juju 安全漏洞
Juju is a canonical Juju open-source application orchestration engine. Versions 3.2.0 to 3.6.19, as well as 4.0 to 4.0.4, have security vulnerabilities. These vulnerabilities stem from the internal Dqlite database cluster failing to perform proper TLS client and server authentication. This allows...
PT-2026-29158
Name of the Vulnerable Software and Affected Versions NocoBase versions prior to 2.0.28 Description NocoBase is an AI-powered no-code/low-code platform. Versions of NocoBase prior to 2.0.28 have a security flaw that allows an authenticated attacker to achieve Remote Code Execution RCE as root. Th...
CVE-2026-33636
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit...
CVE-2026-28793
Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory. When running tinacms dev, th...
CVE-2026-33201
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges...
GREEN HOUSE Digital Photo Frame 安全漏洞
GREEN HOUSE Digital Photo Frame is an electronic photo frame device produced by the Japanese company GREEN HOUSE. The GREEN HOUSE Digital Photo Frame GH-WDF10A has a security vulnerability. This vulnerability stems from active debugging code, which may allow reading or writing file configurations...
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
Linux Distros Unpatched Vulnerability : CVE-2026-23302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them...
Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-38111)
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed ...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0094-1 Rating: important References: 1259964 Cross-References: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441 CVE-2026-4442 CVE-2026-4443 CVE-2026-4444 CVE-2026-4445 CVE-2026-4446 CVE-2026-4447 CVE-2026-4448...
SUSE CVE-2026-4440
Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...
SUSE-SU-2026:20917-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds chec...
io_uring/rw: free potentially allocated iovec on cache put failure
...