99682 matches found
RLSA-2026:23231 Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...
unbound security update
An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or...
CVE-2026-10961
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10952
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-10915
Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10951
Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-10958
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-10885
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10896
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
EulerOS Virtualization 2.13.1 : grub2 (EulerOS-SA-2026-2130)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability has been identified in the GNU GRUB Grand Unified Bootloader. The flaw occurs because the file-closin...
EulerOS Virtualization 2.13.0 : libxslt (EulerOS-SA-2026-2179)
According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...
EulerOS Virtualization 2.10.1 : libxslt (EulerOS-SA-2026-2029)
According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2026-2049)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ACPI: CPPC: Avoid out of bounds access when parsing CPC dataCVE-2022-49145 scsi: libsas: Fix use-after-free bug in...
EulerOS Virtualization 2.10.0 : libxslt (EulerOS-SA-2026-2056)
According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...
RHEL 9 : qemu-kvm (RHSA-2026:22147)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22147 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...
EulerOS Virtualization 2.13.0 : grub2 (EulerOS-SA-2026-2169)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability has been identified in the GNU GRUB Grand Unified Bootloader. The flaw occurs because the file-closin...
EulerOS Virtualization 2.13.1 : libxslt (EulerOS-SA-2026-2140)
According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...
EulerOS Virtualization 2.13.0 : qemu (EulerOS-SA-2026-2195)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a...
RHEL 9 : kernel (RHSA-2026:22940)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22940 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue...
CVE-2026-7111
Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...