Lucene search
K
AlpinelinuxRecent

13033 matches found

AlpineLinux
AlpineLinux
•added 2026/04/30 5:4 a.m.•7 views

CVE-2026-6868

HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/30 5:4 a.m.•5 views

CVE-2026-7378

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/30 5:4 a.m.•6 views

CVE-2026-7379

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/30 5:4 a.m.•9 views

CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/30 5:4 a.m.•6 views

CVE-2026-7376

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.8AI score0.00193EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/30 12:0 a.m.•5 views

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

9.8CVSS5.8AI score0.00321EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/30 12:0 a.m.•31 views

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

7.5CVSS5.8AI score0.00362EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/30 12:0 a.m.•5 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

5.3CVSS5.8AI score0.00246EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/30 12:0 a.m.•7 views

CVE-2026-40687

In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory...

9.1CVSS5.8AI score0.00373EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/29 8:15 p.m.•7 views

CVE-2026-1858

wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...

4.8CVSS5.8AI score0.00155EPSS
Exploits1References1
AlpineLinux
AlpineLinux
•added 2026/04/29 1:31 p.m.•6 views

CVE-2026-42525

Jenkins Microsoft Entra ID previously Azure AD Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/04/29 1:31 p.m.•7 views

CVE-2026-42524

Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

8CVSS5.9AI score0.00281EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/04/29 1:31 p.m.•6 views

CVE-2026-42522

A missing permission check in Jenkins GitHub Branch Source Plugin 1967.vdead580c1aba and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL with attacker-specified GitHub App credentials...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/04/29 1:31 p.m.•8 views

CVE-2026-42521

Jenkins Matrix Authorization Strategy Plugin 2.0-beta-1 through 3.2.9 both inclusive invokes parameterless constructors of classes specified in configuration when deserializing inheritance strategies, without restricting the classes that can be instantiated, allowing attackers with Item/Configure...

6.5CVSS5.9AI score0.00246EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/04/29 1:31 p.m.•10 views

CVE-2026-42520

Jenkins Credentials Binding Plugin 719.v80e905ef14eb and earlier does not sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem, which can lead to remote code execution if Jenkins...

7.5CVSS6.5AI score0.00411EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/04/29 1:31 p.m.•7 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.8AI score0.00174EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2026/04/29 11:44 a.m.•11 views

CVE-2026-42249

Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...

9.8CVSS6.5AI score0.00625EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/29 11:44 a.m.•9 views

CVE-2026-42248

Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before stagin...

9.8CVSS6AI score0.00379EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/29 12:0 a.m.•3 views

CVE-2025-56536

A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter...

6.1CVSS5.4AI score0.00185EPSS
Exploits3References2
AlpineLinux
AlpineLinux
•added 2026/04/29 12:0 a.m.•8 views

CVE-2025-56535

A cross-site scripting XSS vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter...

6.1CVSS5.4AI score0.00185EPSS
Exploits2References2
AlpineLinux
AlpineLinux
•added 2026/04/29 12:0 a.m.•10 views

CVE-2025-56537

A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter...

6.1CVSS5.4AI score0.00185EPSS
Exploits3References2
AlpineLinux
AlpineLinux
•added 2026/04/29 12:0 a.m.•7 views

CVE-2025-56534

A cross-site scripting XSS vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS5.4AI score0.00185EPSS
Exploits2References2
AlpineLinux
AlpineLinux
•added 2026/04/29 12:0 a.m.•8 views

CVE-2026-37555

An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...

8.2CVSS7.4AI score0.00504EPSS
Exploits2References20
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•27 views

CVE-2026-7355

Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00316EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•5 views

CVE-2026-7339

Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.9AI score0.00262EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•12 views

CVE-2026-7340

Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.4AI score0.00207EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•7 views

CVE-2026-7341

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00399EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•8 views

CVE-2026-7342

Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00399EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•6 views

CVE-2026-7345

Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00243EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•5 views

CVE-2026-7346

Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.3AI score0.00252EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•4 views

CVE-2026-7336

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00433EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•5 views

CVE-2026-7335

Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00309EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•4 views

CVE-2026-7348

Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00316EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•3 views

CVE-2026-7350

Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00236EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:36 p.m.•8 views

CVE-2026-7349

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

7.5CVSS5.9AI score0.00136EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•6 views

CVE-2026-7351

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

3.1CVSS5.2AI score0.00093EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•6 views

CVE-2026-7354

Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.4AI score0.00264EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•12 views

CVE-2026-7353

Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.7AI score0.00253EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•18 views

CVE-2026-7356

Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00309EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•4 views

CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.6AI score0.00236EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•4 views

CVE-2026-7359

Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.4AI score0.00264EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•4 views

CVE-2026-7360

Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.3AI score0.00162EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•6 views

CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.3AI score0.00286EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•5 views

CVE-2026-7344

Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.4AI score0.00244EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•2 views

CVE-2026-7343

Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS5.4AI score0.00182EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 10:35 p.m.•4 views

CVE-2026-7363

Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00309EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/28 1:49 p.m.•4 views

CVE-2026-7321

Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, and Thunderbird 140.10.1...

9.6CVSS5.8AI score0.00258EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/28 1:49 p.m.•4 views

CVE-2026-7324

Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1 and Thunderbird 150.0.1...

7.3CVSS6AI score0.003EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/28 1:49 p.m.•6 views

CVE-2026-7323

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ES...

7.3CVSS6AI score0.00375EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/28 1:49 p.m.•7 views

CVE-2026-7322

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ES...

7.3CVSS6AI score0.00316EPSS
Exploits0References6
Total number of security vulnerabilities13033