Lucene search
K
AlpinelinuxRecent

13023 matches found

AlpineLinux
AlpineLinux
•added 2026/05/07 6:17 p.m.•8 views

CVE-2026-42215

GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...

8.8CVSS6AI score0.00719EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 1:9 p.m.•10 views

CVE-2026-41685

Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The impact here is limited for anyone using storage.imagesvolume and...

4.3CVSS5.7AI score0.00333EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 1:8 p.m.•8 views

CVE-2026-41684

Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...

6.5CVSS5.7AI score0.00408EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 1:5 p.m.•10 views

CVE-2026-41648

Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for an authenticated user to provide a crafted image or backup tarball that when...

5.3CVSS5.7AI score0.00269EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 1:2 p.m.•9 views

CVE-2026-41647

Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. This issue has been patched in version 7.0.0...

6.5CVSS5.7AI score0.00394EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 12:45 p.m.•23 views

CVE-2026-8093

Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2...

8.1CVSS6AI score0.00323EPSS
Exploits0References4
AlpineLinux
AlpineLinux
•added 2026/05/07 12:45 p.m.•14 views

CVE-2026-8092

Memory safety bugs present in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ES...

8.1CVSS6AI score0.00384EPSS
Exploits0References6
AlpineLinux
AlpineLinux
•added 2026/05/07 12:45 p.m.•13 views

CVE-2026-8090

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2...

7.3CVSS5.8AI score0.00317EPSS
Exploits0References6
AlpineLinux
AlpineLinux
•added 2026/05/07 7:16 a.m.•10 views

CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

7.8CVSS5.8AI score0.00078EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/05/07 4:4 a.m.•8 views

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

9.8CVSS5.8AI score0.00393EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 4:1 a.m.•11 views

CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

9.1CVSS5.8AI score0.00354EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/07 3:58 a.m.•10 views

CVE-2026-41142

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...

8.8CVSS5.8AI score0.00355EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/06 8:40 p.m.•11 views

CVE-2026-40251

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The backup restore subsystem contains an...

7.1CVSS5.8AI score0.00408EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/06 8:38 p.m.•21 views

CVE-2026-40243

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

4.8CVSS5.8AI score0.00173EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/06 8:36 p.m.•7 views

CVE-2026-40197

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The custom volume backup import subsystem...

7.1CVSS5.8AI score0.00299EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/06 8:33 p.m.•10 views

CVE-2026-40195

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bucket import logic allows an authenticated user with access to the storage bucket feature to cause the Incus daemon to crash. The vulnerability is present in the backup...

7.1CVSS5.8AI score0.00398EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/05/06 7:36 p.m.•7 views

CVE-2026-40171

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6AI score0.00476EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•8 views

CVE-2026-8022

Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. Chromium security severity: Low...

3.1CVSS5.8AI score0.00152EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•12 views

CVE-2026-8020

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.8AI score0.00207EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•6 views

CVE-2026-8017

Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

3.1CVSS5.5AI score0.00145EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•11 views

CVE-2026-8016

Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00307EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•10 views

CVE-2026-8015

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.8AI score0.00159EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•11 views

CVE-2026-8014

Inappropriate implementation in Preload in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•10 views

CVE-2026-8011

Insufficient policy enforcement in Search in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-8012

Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

5.4CVSS6AI score0.00139EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•10 views

CVE-2026-8009

Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5CVSS5.8AI score0.0012EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•11 views

CVE-2026-8010

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

6.3CVSS5.7AI score0.00136EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•12 views

CVE-2026-8007

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

7.5CVSS5.8AI score0.0019EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-8004

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00125EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•11 views

CVE-2026-8003

Insufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Low...

5.4CVSS5.8AI score0.00146EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•8 views

CVE-2026-8002

Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00242EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•6 views

CVE-2026-8001

Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

8.3CVSS5.3AI score0.00178EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7998

Insufficient validation of untrusted input in Dialog in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.8AI score0.0019EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7999

Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7996

Insufficient validation of untrusted input in SSL in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.2CVSS5.8AI score0.00172EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•22 views

CVE-2026-7993

Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00186EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7991

Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00223EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•8 views

CVE-2026-7988

Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00307EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•12 views

CVE-2026-7987

Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00338EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•8 views

CVE-2026-7986

Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00157EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7985

Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00206EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•10 views

CVE-2026-7983

Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00193EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7980

Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00338EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:13 p.m.•9 views

CVE-2026-7982

Uninitialized Use in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00239EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:12 p.m.•9 views

CVE-2026-7977

Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.3CVSS5.8AI score0.00157EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:12 p.m.•13 views

CVE-2026-7974

Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00267EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:12 p.m.•21 views

CVE-2026-7975

Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00206EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:12 p.m.•9 views

CVE-2026-7976

Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

7.5CVSS6.2AI score0.0018EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/05/06 6:12 p.m.•10 views

CVE-2026-7972

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00238EPSS
Exploits0
Total number of security vulnerabilities13023