CVE-2026-34776

A flaw was found in Electron, a framework for building desktop applications. On macOS and Linux, a local user could exploit an out-of-bounds heap read vulnerability by sending a specially crafted message to an Electron application that uses the app.requestSingleInstanceLock function. Apps that do...

CVE-2026-34776

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on macOS and Linux, apps that call app.requestSingleInstanceLock were vulnerable to an out-of-bounds heap read when parsing a crafted...

CVE-2026-34776 Electron: Out-of-bounds read in second-instance IPC on macOS and Linux

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on macOS and Linux, apps that call app.requestSingleInstanceLock were vulnerable to an out-of-bounds heap read when parsing a crafted...

CVE-2026-34776 Electron: Out-of-bounds read in second-instance IPC on macOS and Linux

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on macOS and Linux, apps that call app.requestSingleInstanceLock were vulnerable to an out-of-bounds heap read when parsing a crafted...

CVE-2026-34776

Electron suffers an out-of-bounds heap read on macOS/Linux when an app calls app.requestSingleInstanceLock() and processes a crafted second-instance message. The vulnerability allows leaking memory contents to the second-instance handler and is limited to processes running under the same user as ...

CVE-2026-34776

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on macOS and Linux, apps that call app.requestSingleInstanceLock were vulnerable to an out-of-bounds heap read when parsing a crafted...

Out-of-bounds Read

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-bounds Read in the second-instance event handler when parsing a crafted second-instance message via the...

GHSA-3C8V-CFP5-9885 Electron: Out-of-bounds read in second-instance IPC on macOS and Linux

Impact On macOS and Linux, apps that call app.requestSingleInstanceLock were vulnerable to an out-of-bounds heap read when parsing a crafted second-instance message. Leaked memory could be delivered to the app's second-instance event handler. This issue is limited to processes running as the same...

Electron: Out-of-bounds read in second-instance IPC on macOS and Linux

Impact On macOS and Linux, apps that call app.requestSingleInstanceLock were vulnerable to an out-of-bounds heap read when parsing a crafted second-instance message. Leaked memory could be delivered to the app's second-instance event handler. This issue is limited to processes running as the same...

SUSE CVE-2025-25207

The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...

UBUNTU-CVE-2025-46733

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...

WEM Agent error, "Only a single agent instance can be run within a session!"

Error showing from WEM Agent, "Only a single agent instance can be run within a session!"...

Security update for pcmanfm (moderate)

openSUSE Security Update: Security update for pcmanfm Announcement ID: openSUSE-SU-2022:10001-1 Rating: moderate References: 1039140 Cross-References: CVE-2017-8934 CVSS scores: CVE-2017-8934 NVD : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 A...

CVE-2020-4778

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...

CVE-2020-4778

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...

CVE-2018-0369

A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service DoS condition. There are four instances of the npusim proces...

CVE-2017-14694

Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at...

Update rollup for the Single Instance Storage (SIS) component

Update rollup for the Single Instance Storage SIS component Symptoms This is a Single Instance Storage SIS update rollup for Windows Storage Server 2008 R2 and Windows Server 2008 R2. This update rollup resolves the following issues: Issue 1 After a file is truncated to empty size on a SIS volume...

[SECURITY] Fedora 21 Update: cyrus-imapd-2.4.18-1.fc21

The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based internet mail technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board...

Fedora Update for cyrus-imapd FEDORA-2011-13832

Check for the Version of cyrus-imapd OpenVAS Vulnerability Test Fedora Update for cyrus-imapd FEDORA-2011-13832 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...