Lucene search
K
AlpinelinuxRecent

13033 matches found

AlpineLinux
AlpineLinux
•added 2026/04/09 7:30 p.m.•5 views

CVE-2026-5194

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...

9.3CVSS7.2AI score0.00468EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/04/09 7:27 p.m.•9 views

CVE-2026-40077

Beszel is a server monitoring platform. Prior to 0.18.7, some API endpoints in the Beszel hub accept a user-supplied system ID and proceed without further checks that the user should have access to that system. As a result, any authenticated user can access these routes for any system if they kno...

3.5CVSS5.8AI score0.00219EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/09 7:20 p.m.•9 views

CVE-2026-29145

CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through 9.0.115; Apache Tomcat...

9.1CVSS5.8AI score0.00715EPSS
Exploits2
AlpineLinux
AlpineLinux
•added 2026/04/09 7:5 p.m.•6 views

CVE-2026-39977

flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user defined licence files relative to the source directory of the module. The paths from that array are resolved using gfileresolverelativepath and...

7.1CVSS5.9AI score0.00288EPSS
Exploits1References1
AlpineLinux
AlpineLinux
•added 2026/04/09 2:49 p.m.•2 views

CVE-2026-4878

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

7CVSS5.7AI score0.00188EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/04/09 2:41 p.m.•3 views

CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References6
AlpineLinux
AlpineLinux
•added 2026/04/08 9:35 p.m.•8 views

CVE-2026-40036

Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parsecompressed.py that allows remote attackers to cause denial of service. Attackers can submit highly compressed payloads via URL parameters to the /json/visjs endpoint that expand to gigabytes, exhausting server...

8.7CVSS5.8AI score0.00508EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/04/08 9:35 p.m.•13 views

CVE-2026-40035

Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default. The debug configuration value is read as a string and passed directly to app.run, causing any non-empty string to evaluate truthy, allowing attackers to access th...

9.3CVSS6.1AI score0.00557EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•6 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.0019EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•5 views

CVE-2026-5918

Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00158EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•4 views

CVE-2026-5913

Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Low...

8.1CVSS8.4AI score0.00205EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•3 views

CVE-2026-5915

Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS5.8AI score0.00194EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•3 views

CVE-2026-5914

Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Low...

8.8CVSS5.8AI score0.00164EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•5 views

CVE-2026-5912

Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.8AI score0.00215EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•5 views

CVE-2026-5911

Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.5AI score0.00166EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•5 views

CVE-2026-5907

Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. Chromium security severity: Low...

8.1CVSS5.8AI score0.00189EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•8 views

CVE-2026-5908

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS5.9AI score0.00195EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•8 views

CVE-2026-5903

Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00261EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:21 p.m.•4 views

CVE-2026-5904

Rejected reason: Determined a bug and not a vulnerability...

8.2AI score0.00154EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•6 views

CVE-2026-5901

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. Chromium security severity: Low...

6.5CVSS8.3AI score0.00139EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•7 views

CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00159EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5899

Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS5.9AI score0.00134EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5896

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. Chromium security severity: Low...

6.1CVSS5.8AI score0.00155EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5894

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00159EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•7 views

CVE-2026-5893

Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS5.8AI score0.0015EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5890

Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.8AI score0.0018EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•18 views

CVE-2026-5891

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS7.4AI score0.00206EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•7 views

CVE-2026-5889

Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs via a brute-force attack. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00102EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5888

Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00258EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5885

Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00237EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5886

Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS7.4AI score0.00218EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•5 views

CVE-2026-5884

Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00289EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•5 views

CVE-2026-5883

Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS9AI score0.00289EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00191EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•5 views

CVE-2026-5882

Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00191EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5879

Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5878

Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00191EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5876

Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00247EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5877

Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5875

Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00189EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5872

Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•5 views

CVE-2026-5873

Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.8AI score0.00379EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•6 views

CVE-2026-5871

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0033EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5870

Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5868

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.5AI score0.00339EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5865

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00422EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•6 views

CVE-2026-5866

Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5862

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•7 views

CVE-2026-5863

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00292EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/04/08 9:20 p.m.•4 views

CVE-2026-5861

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00303EPSS
Exploits0
Total number of security vulnerabilities13033