53680 matches found
DEBIAN-CVE-2026-13023
Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-53108
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unmap race with PMD migration entries The following race is possible with migration swap entries or device-private THP entries. e.g. when movepages is called on a PMD THP page, then there maybe an intermediate...
PT-2026-52177
The Tealium iQ Tag Management module provides Drupal integration with Tealium iQ. tealiumiq stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an Object Injection vulnerability when the data are unserialized. This...
DEBIAN-CVE-2026-56113
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...
RHSA-2026:26566 Red Hat Security Advisory: xorg-x11-server-Xwayland security, bug fix, and enhancement update
Bulletin has no description...
SUSE CVE-2026-48619
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
Astra Linux – Vulnerability in Node.js
The generateKeys API function returned by crypto.createDiffieHellman only generates missing or outdated keys. In other words, it only generates a private key if none has been set yet. However, this function is also needed to compute the corresponding public key after calling setPrivateKey...
PT-2026-51023
Name of the Vulnerable Software and Affected Versions Lima versions prior to 2.1.3 Description An unprivileged user within a Lima QEMU guest can access the root-owned guest-agent socket, allowing them to execute commands with root privileges inside the virtual machine. Recommendations Update to...
Security Bulletin: OpenSSH client bug (CVE-2016-0777 and CVE-2016-0778)
Question Security Bulletin: OpenSSH client bug CVE-2016-0777 and CVE-2016-0778 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...
GHSA-3VGW-585J-4M45 BBOT: Path traversal (Zip-Slip) in unarchive module - incomplete fix for CVE-2025-10284
The unarchive internal module's archive extraction commands perform no code-level validation on extracted file paths, relying entirely on the behavior of external tools e.g. GNU tar which varies by platform. While CVE-2025-10284 addressed git-specific RCE vectors, the underlying archive extractio...
CVE-2026-48979
PHP Standard Library PSL is set of APIs covering async, collections, networking, I/O, cryptography, terminal UI, etc. In versions 6.1.0, 6.1.1 and 6.2.0, the Psl\H2\ServerConnection does not validate that the total bytes received in DATA frames match the content-length header declared in the...
CVE-2026-46970
...
CVE-2026-46963
...
CVE-2026-46957
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-46957
...
CVE-2026-46953
...
CVE-2026-46951
Technical details about CVE-2026-46951 are not publicly provided in the supplied documents. Monitor Oracle security alerts and CVE feeds for updates on affected products, impact, and fixes.
CVE-2026-46946
Technical details are not publicly available in the provided documents for CVE-2026-46946; monitor for updates.
CVE-2026-46935
...
CVE-2026-46919
Technical details about CVE-2026-46919 are not publicly available in the provided documents. Monitor for updates from Oracle security alerts and CVE records for affected products, impact, and remediation.