Lucene search
+L
AlpinelinuxRecent

13063 matches found

AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.5 views

CVE-2026-6780

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.5 views

CVE-2026-6778

Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00256EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.6 views

CVE-2026-6779

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00208EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.6 views

CVE-2026-6777

Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00161EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.6 views

CVE-2026-6776

Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.8CVSS5.7AI score0.0011EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.4 views

CVE-2026-6775

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00208EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.7 views

CVE-2026-6773

Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.7 views

CVE-2026-6774

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.4CVSS5.7AI score0.00153EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.8 views

CVE-2026-6772

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.7AI score0.00269EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.9 views

CVE-2026-6771

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.5 views

CVE-2026-6770

Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS5.7AI score0.04938EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.5 views

CVE-2026-6769

Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

8.8CVSS5.8AI score0.00226EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.6 views

CVE-2026-6768

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

9.8CVSS5.8AI score0.00285EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:41 p.m.5 views

CVE-2026-6767

Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

5.3CVSS5.8AI score0.00227EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.4 views

CVE-2026-6766

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.8AI score0.00257EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.5 views

CVE-2026-6764

Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS5.7AI score0.00231EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.8 views

CVE-2026-6765

Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

5.3CVSS5.7AI score0.00215EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.6 views

CVE-2026-6763

Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS5.8AI score0.00191EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.4 views

CVE-2026-6762

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.3CVSS5.8AI score0.00157EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6761

Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

8.8CVSS5.8AI score0.00221EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.14 views

CVE-2026-6760

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

9.8CVSS5.8AI score0.00279EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6759

Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.7AI score0.00363EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6758

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.8AI score0.00429EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.4 views

CVE-2026-6756

Mitigation bypass in Firefox for Android. This vulnerability was fixed in Firefox 150...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.4 views

CVE-2026-6757

Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.3CVSS5.8AI score0.00293EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6755

Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

6.5CVSS5.7AI score0.00189EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.7 views

CVE-2026-6754

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.4 views

CVE-2026-6752

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.3CVSS5.7AI score0.00306EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6753

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.3CVSS5.8AI score0.00306EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.2 views

CVE-2026-6751

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.3CVSS5.7AI score0.00307EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6750

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

8.8CVSS5.8AI score0.00483EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.3 views

CVE-2026-6749

Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.8AI score0.00403EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.2 views

CVE-2026-6748

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.5 views

CVE-2026-6747

Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.8AI score0.004EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/04/21 12:40 p.m.4 views

CVE-2026-6746

Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.8AI score0.00586EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/21 1:33 a.m.8 views

CVE-2026-40250

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

8.4CVSS5.8AI score0.0045EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 1:30 a.m.14 views

CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.8AI score0.00427EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 1:27 a.m.4 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/21 12:47 a.m.24 views

CVE-2026-40264

OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3...

2.7CVSS5.4AI score0.00301EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 12:44 a.m.5 views

CVE-2026-39396

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. ...

6.5CVSS5.8AI score0.00218EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/21 12:43 a.m.6 views

CVE-2026-39388

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Toke...

3.1CVSS5.5AI score0.00101EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 12:19 a.m.4 views

CVE-2026-39946

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation...

4.9CVSS5.8AI score0.00235EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 12:0 a.m.4 views

CVE-2026-40706

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...

8.4CVSS5.7AI score0.00165EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/20 11:20 p.m.10 views

CVE-2026-35588

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write...

6.3CVSS5.8AI score0.00212EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/04/20 11:19 p.m.23 views

CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

8.8CVSS5.7AI score0.00396EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/04/20 11:9 p.m.20 views

CVE-2026-34839

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API /api/4/ that is accessible without authentication and allows cross-origin requests from any origin due to a permissive CORS policy Access-Control-Allow-Origin: . This...

8.7CVSS5.4AI score0.00408EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/04/20 4:18 p.m.8 views

CVE-2026-41445

KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kissfftndralloc function in kissfftndr.c where the allocation size calculation dimOtherdimReal+2sizeofkissfftscalar overflows signed 32-bit integer arithmetic before being widened to sizet, causing malloc to allocate ...

8.8CVSS6AI score0.00288EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/18 6:43 a.m.7 views

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

7.5CVSS5.3AI score0.00365EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/18 1:24 a.m.27 views

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

8.6CVSS7.8AI score0.00965EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/18 12:0 a.m.5 views

CVE-2026-41083

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
Total number of security vulnerabilities13063