40972 matches found
PT-2026-51257
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description A security flaw in the POST Request Handler component allows for remote command injection. This occurs through the manipulation of the command argument within the mp function of the '/goform/mp'...
kernel: mptcp: fix slab-use-after-free in __inet_lookup_established
A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...
PT-2026-51137
Name of the Vulnerable Software and Affected Versions iCagenda versions prior to 4.0.8 Description The iCagenda extension for Joomla contains a flaw in the file attachment feature of its public event submission form. Due to improper restriction of file types, unauthenticated attackers can upload...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.164, using "after free" in WebSerial with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in yaml-cpp
The Scanner::EnsureTokensInQueue function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash through a crafted YAML file...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in Skia in Google Chrome prior to version 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome before version 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 90.0.4430.72, using Blink with Google Chrome on OS X allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
“Type Confusion in V8 in Google Chrome” before version 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
In Google Chrome versions prior to 87.0.4280.88, uninitialized use of V8 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of Translate in Google Chrome before version 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in tab groups in Google Chrome prior to version 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 92.0.4515.107, using Autofill in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In V8 in Google Chrome, prior to version 142.0.7444.59, it was possible for a remote attacker to exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.77, using WebAudio with "after free" in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 92.0.4515.107, using free memory in GPUs with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebXR in Google Chrome prior to version 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
SUSE CVE-2026-12455
Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2026-37920
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a command injection vulnerability in the file upload function. The vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input...