Lucene search
K
AlpinelinuxRecent

13033 matches found

AlpineLinux
AlpineLinux
•added 2026/04/22 9:39 a.m.•5 views

CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.8AI score0.00524EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 9:38 a.m.•12 views

CVE-2026-33259

Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...

5CVSS5.2AI score0.00225EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 9:38 a.m.•11 views

CVE-2026-33258

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC3 caches...

7.5CVSS5.2AI score0.00583EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 9:37 a.m.•3 views

CVE-2026-33257

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.8AI score0.00514EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 9:37 a.m.•8 views

CVE-2026-33256

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.3AI score0.00606EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 9:37 a.m.•9 views

CVE-2026-33601

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.9CVSS5.2AI score0.00512EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 9:33 a.m.•2 views

CVE-2026-33600

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.9CVSS5.2AI score0.00523EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/22 8:37 a.m.•19 views

CVE-2026-6846

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution,...

7.8CVSS6AI score0.00171EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/22 8:30 a.m.•15 views

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/04/22 8:15 a.m.•8 views

CVE-2026-31431

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS6AI score0.96267EPSS
Exploits230
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•7 views

CVE-2026-34282

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10;...

7.5CVSS7.3AI score0.00635EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•8 views

CVE-2026-34268

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.3AI score0.00122EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•3 views

CVE-2026-22021

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

5.3CVSS7.3AI score0.00305EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•7 views

CVE-2026-22018

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK:...

3.7CVSS7.3AI score0.00269EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•8 views

CVE-2026-22016

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

7.5CVSS7.3AI score0.00702EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•10 views

CVE-2026-22013

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

5.3CVSS7.3AI score0.0028EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•7 views

CVE-2026-22008

Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this...

3.7CVSS7.3AI score0.00206EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:35 p.m.•7 views

CVE-2026-22007

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.3AI score0.00124EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 8:9 p.m.•10 views

CVE-2026-40910

frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser...

9.1CVSS5.5AI score0.00269EPSS
Exploits1References1
AlpineLinux
AlpineLinux
•added 2026/04/21 7:55 p.m.•5 views

CVE-2026-40892

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...

9.8CVSS5.6AI score0.00419EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 7:51 p.m.•4 views

CVE-2026-40890

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of Bounds read or a panic. This vulnerability is fixed with...

7.5CVSS5.3AI score0.00346EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/21 7:21 p.m.•4 views

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.8AI score0.0034EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 7:20 p.m.•11 views

CVE-2026-40372

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.8AI score0.11205EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 6:4 p.m.•3 views

CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.8CVSS5.9AI score0.00224EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/21 6:0 p.m.•6 views

CVE-2026-40613

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8t to uint16t without alignment checks. When processing a crafted STUN message with odd-aligned attribute boundaries, thi...

7.5CVSS5.6AI score0.01123EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/04/21 5:43 p.m.•6 views

CVE-2026-40606

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

4.8CVSS5.4AI score0.00166EPSS
Exploits1References1
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•10 views

CVE-2026-6786

Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

7.5CVSS6AI score0.00499EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•10 views

CVE-2026-6785

Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

7.5CVSS6AI score0.00513EPSS
Exploits0References6
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6784

Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS6AI score0.00302EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•4 views

CVE-2026-6783

Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.8AI score0.0023EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6781

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•4 views

CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00253EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6780

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6778

Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00256EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6779

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00208EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6777

Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00161EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6776

Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.8CVSS5.7AI score0.0011EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•3 views

CVE-2026-6775

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00208EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•6 views

CVE-2026-6774

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.4CVSS5.7AI score0.00153EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•6 views

CVE-2026-6773

Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•7 views

CVE-2026-6772

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.7AI score0.00269EPSS
Exploits0References6
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•4 views

CVE-2026-6770

Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS5.7AI score0.04938EPSS
Exploits1References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•9 views

CVE-2026-6771

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•4 views

CVE-2026-6769

Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

8.8CVSS5.8AI score0.00226EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6768

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

9.8CVSS5.8AI score0.00285EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/04/21 12:41 p.m.•5 views

CVE-2026-6767

Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

5.3CVSS5.8AI score0.00227EPSS
Exploits0References6
AlpineLinux
AlpineLinux
•added 2026/04/21 12:40 p.m.•4 views

CVE-2026-6766

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.8AI score0.00257EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:40 p.m.•7 views

CVE-2026-6765

Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

5.3CVSS5.7AI score0.00215EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:40 p.m.•4 views

CVE-2026-6764

Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS5.7AI score0.00231EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/04/21 12:40 p.m.•5 views

CVE-2026-6763

Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS5.8AI score0.00191EPSS
Exploits0References5
Total number of security vulnerabilities13033