40920 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8695
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 6.1.5 contains a use-after-free vulnerability in the gdbrthreadslist function that allows remote attackers to trigger memory corruption by sending a val...
Microsoft Copilot Tampering Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-6474
A flaw was found in PostgreSQL. This vulnerability, an externally-controlled format string in the timeofday function, allows a remote attacker to craft specific timezone zones. Successful exploitation can lead to the retrieval of sensitive portions of server memory, potentially disclosing...
EUVD-2026-31245
A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...
Netatalk SQL注入漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk have a SQL injection vulnerability. This vulnerability stems from the MySQL CNID backend’s SQL...
Astra Linux - уязвимость в chromium
In accessibility settings within Google Chrome, before version 112.0.5615.49, it was possible for a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Before version 97.0.4692.71, using Free after PDF accessibility in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
The use of after-free in Cast in Google Chrome before version 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
The use of after-free in WebRTC in Google Chrome before version 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Using “after free” in the Browser History of Google Chrome before version 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chrome security severity: High...
Astra Linux - уязвимость в gpac
A vulnerability was discovered in GPAC version 2.4. It has been rated as problematic. The affected function is gfdashdownloadinitsegment in the file src/mediatools/dashclient.c. Manipulating the baseiniturl argument leads to a null pointer dereference. This attack can be launched remotely. The...
Astra Linux - уязвимость в chromium
Before version 94.0.4606.54, using the "after free" mechanism in the File System API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
A heap buffer overflow in WebAudio in Google Chrome prior to version 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
A heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
The use of the “after free in storage foundation” feature in Google Chrome before version 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в linux-5.10, linux
A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsnew inode in the file fs/nilfs2/inode.c of the BPF component. This vulnerability allows for manipulation after the memory allocation function free is called. The attack ca...
Astra Linux - уязвимость в linux-5.10, linux
A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. The component affected by this vulnerability is the “ipv6renewoptions” function within the IPv6 handler. This vulnerability causes a memory leak. The attack can be launched remotely. It is recommended th...
Astra Linux - уязвимость в binutils
A vulnerability was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This vulnerability stems from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could exploit this vulnerability to cause a...
Astra Linux - уязвимость в chromium
Using “after free” in WebGPU in Google Chrome before version 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...