41186 matches found
Astra Linux - уязвимость в chromium
Before version 94.0.4606.54, using the "after free" mechanism in the File System API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
The use of the “after free in storage foundation” feature in Google Chrome before version 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в binutils
A vulnerability was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This vulnerability stems from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could exploit this vulnerability to cause a...
Astra Linux - уязвимость в chromium
A heap buffer overflow in Bookmarks in Google Chrome prior to version 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In V8 in Google Chrome, prior to version 95.0.4638.54, it was possible for a remote attacker to exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в ghostscript
A divide-by-zero issue was discovered in epsprintpage within gdevepsn.c in Artifex Software GhostScript 9.50. This issue allows remote attackers to cause a denial of service by opening crafted PDF files...
Astra Linux - уязвимость в chromium
Using “after free” in Aura in Google Chrome before version 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Astra Linux - уязвимость в openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: ImageIO. The supported versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable vulnerabili...
Astra Linux - уязвимость в chromium
Before version 88.0.4324.96, using WebSQL in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2026-7734
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
ROS-20260520-73-0055
A vulnerability in the Navigation function of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0032
A vulnerability in the CSS component of the Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0026
A vulnerability in the WebAudio component of the Google Chrome browser is related to reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0027
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0024
A vulnerability in the Extensions component of the Google Chrome and Microsoft Edge browsers is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
📄 ZTE Unauthenticated Denial of Service
ZTE routers 17+ models suffer from an unauthenticated denial of service vulnerability via an oversized POST body. Title: ZTE Routers 17+ Models - Unauthenticated Denial of Service via Oversized POST Body Date: 2026-05-20 Author: Mina Nageh Salalma Monx Research CVE: CVE-2026-34473 Vendor: ZTE...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
CVE-2026-37979
A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect OIDC token introspection endpoint allows a confidential client to bypass audience restrictions. An attacker-controlled client with valid credentials can retrieve sensitive token claims intended for other...