16014 matches found
CVE-2026-58208
A flaw was found in NATS Server. An unauthenticated client with access to the WebSocket listener could exploit a vulnerability where requests for the MQTT-over-WebSocket path were incorrectly routed into MQTT handling, even when MQTT was not configured. This allowed the client to access...
ROS-20260713-73-0010
The vulnerability involves access to an uninitialized pointer. Exploiting this vulnerability could allow a attacker to cause a service failure...
Chromium: CVE-2026-13969 Uninitialized Use in UI
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13943 Uninitialized Use in CSS
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13923 Uninitialized Use in GPU
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13825 Uninitialized Use in Dawn
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13833 Uninitialized Use in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14421 Uninitialized Use in Dawn
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14418 Uninitialized Use in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14413 Uninitialized Use in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14408 Uninitialized Use in Dawn
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14405 Uninitialized Use in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14402 Uninitialized Use in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14399 Uninitialized Use in Dawn
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
JLSEC-2026-663 libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize...
libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...
Oracle Linux 7 : tigervnc (ELSA-2026-22456)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22456 advisory. - Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 and CVE-2026-34352 Orabug: 39478221 - Fix CVE-2025-62229:...
OESA-2026-2935 libidn security update
GNU Libidn is a fully documented implementation of the Stringprep, Punycode and IDNA 2003 specifications. Libidn's purpose is to encode and decode internationalized domain names. Security Fixes: GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs...
OESA-2026-2934 libidn security update
GNU Libidn is a fully documented implementation of the Stringprep, Punycode and IDNA 2003 specifications. Libidn's purpose is to encode and decode internationalized domain names. Security Fixes: GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs...
EUVD-2026-42478
Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
EUVD-2026-42481
Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...