CVE-2026-11180

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в linux-5.10, linux

There is a known vulnerability in the l2capparseconfreq function of the Linux kernel’s net/bluetooth/l2capcore.c file, which can be exploited to remotely leak kernel pointers. We recommend updating to the previous commit:...

Astra Linux - уязвимость в chromium

Insufficient data validation in Chrome on iOS, as well as in Google Chrome on iOS, prior to version 89.0.4389.72, allowed a remote attacker to leak cross-origin data through a crafted HTML page...

SUSE CVE-2026-7979

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-8022

Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. Chromium security severity: Low...

EUVD-2020-3901

Malware in sbrugna...

CLSA-2024-1733141074 krb5: Fix of 2 CVEs

CVE-2024-26458: Fix memory leak vulnerability in src/lib/rpc/pmaprmt.c - CVE-2024-26461: Fix memory leak vulnerability in src/lib/gssapi/krb5/k5sealv3.c...

PT-2024-31471 · Mage Ai · Mage Ai

Name of the Vulnerable Software and Affected Versions: Mage AI affected versions not specified Description: The issue allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request. This can potentially lead to remote...

CVE-2021-34969

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

HackerOne: [CVE-2022-44268] Arbitrary Remote Leak via ImageMagick

A Local File Inclusion vulnerability was discovered in an outdated version of ImageMagick used for image resizing on a website. An attacker could exploit this vulnerability by uploading a malicious PNG image, which would include the local file as content of the resized image in a hexadecimal...

DEBIAN-CVE-2022-42895

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e...

PT-2022-6333 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap core.c's l2cap parse conf req function, which can be used to leak kernel pointers remotely...

CVE-2022-3817

A vulnerability has been found in Axiomatic Bento4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mp4mux. The manipulation leads to memory leak. The attack can be launched remotely. The exploit has been disclosed to the public and may be...

DEBIAN-CVE-2021-37601

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information list of admins, members, owners, and banned entities of a Multi-User chat room in some common configurations...

Debian: Security Advisory (DSA-4847-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak (2) (DTLS Support)

OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak 2 DTLS Support / CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leake...