60446 matches found
CVE-2026-4673
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
EUVD-2026-14676
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2026-4673
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2026-4673
CVE-2026-4673 is a heap buffer overflow in WebAudio in Google Chrome. Before 146.0.7680.165, a crafted HTML page could trigger an out-of-bounds memory write, enabling a remote attacker to exploit the vulnerability. Affected component: WebAudio in Chrome (Chromium). Root cause: heap buffer overflo...
PT-2026-27326
Out-of-bounds Write vulnerability in timeplus-io proton base/poco/Foundation/src modules. This vulnerability is associated with program files inflate.C. This issue affects proton: before 1.6.16...
DualSenseY 安全漏洞
DualSenseY is a PlayStation controller simulation tool developed by WujekFoliarz, designed to support multiple functions. Previous versions of DualSenseY-v2 and 54 contained security vulnerabilities, which were caused by out-of-bound writing...
OpenClaw backlink vulnerability (CNVD-2026-14861)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability that can be exploited by an attacker to read and write files outside the agent's workspace, which in turn can be used to execute code via a file overwrite attack...
Android ImageMagick 安全漏洞
Android ImageMagick is an image processing library developed by Cherry’s individual developer for the Android platform. Versions of Android ImageMagick prior to 7.1.2-10 contained security vulnerabilities, which stemmed from out-of-bound writing attacks...
Proton 安全漏洞
Proton is an independent application developed by Steventhanna’s developer, which uses Electron to quickly preview and edit Markdown files. Versions of Proton prior to 1.6.16 have security vulnerabilities; these vulnerabilities stem from out-of-bound writing, which may lead to issues with the...
PT-2026-27349
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11...
SUSE SLES12 Security Update : kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:0958-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0958-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.272 fixes various security issues The following security issues were fixed: -...
Node.js 20.x < 20.20.2 Multiple Vulnerabilities (Tuesday, March 24, 2026 Security Releases).
The version of Node.js installed on the remote host is prior to 20.20.2. It is, therefore, affected by multiple vulnerabilities as referenced in the Tuesday, March 24, 2026 Security Releases advisory. - A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of ...
SUSE SLES12: libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel / etc (SUSE-SU-2026:0955-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0955-1 advisory. Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose...
Linux Distros Unpatched Vulnerability : CVE-2026-4775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by...
Linux Distros Unpatched Vulnerability : CVE-2026-4679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
(lib)tiff -- Integer Overflow or Wraparound
PrymEvol and Quang Luong reports: A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrec...
CVE-2026-33286 Graphiti Affected by Arbitrary Method Execution via Unvalidated Relationship Names
Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary...
CVE-2026-33286 Graphiti Affected by Arbitrary Method Execution via Unvalidated Relationship Names
Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary...
CVE-2026-33286
Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary...
CVE-2026-33286 Graphiti Affected by Arbitrary Method Execution via Unvalidated Relationship Names
Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary...