CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

Linux Distros Unpatched Vulnerability : CVE-2026-7964

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-43175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clk: rs9: Reserve 8 struct clkhw slots for for 9FGV0841 The 9FGV0841 has 8 outputs and registers 8 struct clkhw, make sure there are 8 slots for those newly...

Linux Distros Unpatched Vulnerability : CVE-2026-7943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process t...

Linux Distros Unpatched Vulnerability : CVE-2026-4430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue...

Linux Distros Unpatched Vulnerability : CVE-2024-44825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3 v3.1.99995 allows attackers to write arbitrary files unto the...

Linux Distros Unpatched Vulnerability : CVE-2026-7989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perfo...

Moderate: libpng security update

The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-33636 For more details...

CVE-2026-43244

A flaw was found in the Linux kernel's Kernel Connection Multiplexer KCM module. A local user could trigger an issue where, during partial sendmsg operations, an empty network buffer skb is incorrectly left in the fraglist. A subsequent zero-length write operation can then cause a kernel warning,...

CVE-2026-43223

A flaw was found in the Linux kernel's pvrusb2 media driver. When the pvr2sendrequestex function submits a write USB Request Block URB but fails to submit a read URB, the write URB remains active. A subsequent attempt to use this URB triggers a warning, which can lead to system instability or a...

EUVD-2026-28170

OpenClaw before 2026.4.10 contains an insufficient access control vulnerability in Nostr plugin HTTP profile routes that allows operators with write permissions to persist profile configuration without requiring admin authority. Attackers with operator.write scope can modify Nostr profile setting...

EUVD-2026-28081

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-28027

Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. Chromium security severity: Medium...

EUVD-2026-28031

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-28003

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

EUVD-2026-27989

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-28005

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-27927

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

EUVD-2026-27901

Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Directory Traversal

Overview org.openmrs.web:openmrs-web is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system EMR. Affected versions of this package are vulnerable to Directory Traversal via the WebModuleUtil.startModule function in POST...