Lucene search
K
AlpinelinuxRecent

12982 matches found

AlpineLinux
AlpineLinux
•added 2026/06/21 3:47 p.m.•5 views

CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/21 3:45 p.m.•6 views

CVE-2026-56404

libexpat before 2.8.2 has an integer overflow in addBinding...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/21 3:43 p.m.•7 views

CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 8:12 p.m.•5 views

CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS5.8AI score0.00227EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/06/19 8:9 p.m.•7 views

CVE-2026-49295

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in decodercontext::processreferencepictureset libde265/decctx.cc:1376. The root cause is a missing aggregate bound check on predicted...

7.1CVSS5.8AI score0.00227EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/06/19 7:18 p.m.•8 views

CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...

8.8CVSS6.1AI score0.00203EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/19 3:0 a.m.•6 views

CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

6.9CVSS6AI score0.00107EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 2:56 a.m.•5 views

CVE-2026-56131

libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur similar to the CVE-2026-50219 situation...

4.9CVSS5.8AI score0.00135EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 12:0 a.m.•5 views

CVE-2026-55192

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 12:0 a.m.•5 views

CVE-2026-55193

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 12:0 a.m.•5 views

CVE-2026-55648

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 12:0 a.m.•5 views

CVE-2026-55194

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/19 12:0 a.m.•5 views

CVE-2026-55191

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/18 8:31 p.m.•9 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS5.9AI score0.00263EPSS
Exploits1References5
AlpineLinux
AlpineLinux
•added 2026/06/18 8:20 p.m.•6 views

CVE-2026-44663

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in htundoimpl in src/lib/OpenEXRCore/internalht.cpp leads to a heap-buffer overflow when decoding a crafted...

7.1CVSS5.7AI score0.00199EPSS
Exploits1References2
AlpineLinux
AlpineLinux
•added 2026/06/18 8:18 p.m.•5 views

CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

8.3CVSS7.2AI score0.00267EPSS
Exploits0References4
AlpineLinux
AlpineLinux
•added 2026/06/18 7:33 p.m.•5 views

CVE-2026-43915

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting XSS vulnerability in the web-admin HTTPS interface. An attacker who can create a TURN allocation with a crafted USERNAME value can inject HTML/JavaScript that execut...

5.4CVSS5.6AI score0.00141EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/18 6:1 p.m.•4 views

CVE-2026-48937

A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a GOAWAY frame. This vulnerability affects two supported release lines: Node.js 22 and Node.js 24...

5.3CVSS5.8AI score0.00445EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/18 4:21 p.m.•5 views

CVE-2026-48617

A flaw in Node.js Permission Model enforcement allows Bypass via process.report.writeReport Path Misvalidation. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations. This vulnerability affects all supported release lines: Node.js 22,...

1.8CVSS5.8AI score0.00208EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/18 4:5 p.m.•9 views

CVE-2026-55204

HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl.c that fails to validate the return value of hpackdhtdefrag when the memory pool is exhausted. An attacker can trigger HPACK dynamic table insertions under memo...

8.7CVSS5.9AI score0.00431EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/18 4:5 p.m.•6 views

CVE-2026-55203

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

9.1CVSS6.1AI score0.00321EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2026/06/18 11:29 a.m.•8 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6.1AI score0.00477EPSS
Exploits3
AlpineLinux
AlpineLinux
•added 2026/06/17 7:3 p.m.•6 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.2CVSS6.2AI score0.00732EPSS
Exploits11References5
AlpineLinux
AlpineLinux
•added 2026/06/17 6:44 p.m.•6 views

CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS5.8AI score0.00408EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2026/06/17 2:4 p.m.•5 views

CVE-2026-48142

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When content is served or proxied through a location block with both sourcecharset utf-8; and a charset directive for example, charset koi8-r; configured, remote, unauthenticated attackers can send requests ...

6.3CVSS6AI score0.00398EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/17 2:4 p.m.•5 views

CVE-2026-42055

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

9.2CVSS6.5AI score0.03459EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2026/06/16 4:50 p.m.•39 views

CVE-2026-4367

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

5.5CVSS4.7AI score0.00129EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2026/06/16 11:53 a.m.•9 views

CVE-2026-12328

Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

8.1CVSS5.8AI score0.00476EPSS
Exploits0References21
AlpineLinux
AlpineLinux
•added 2026/06/16 11:53 a.m.•6 views

CVE-2026-12327

Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.1CVSS6AI score0.00407EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12326

Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

8.1CVSS6AI score0.00251EPSS
Exploits0References8
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12325

Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References6
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•12 views

CVE-2026-12324

Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.3CVSS5.8AI score0.00209EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12323

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.3AI score0.00168EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.3AI score0.00165EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12321

JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.3AI score0.00159EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•9 views

CVE-2026-12320

Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

4.3CVSS5.3AI score0.00179EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12319

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

6.5CVSS5.3AI score0.0021EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12318

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12317

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12316

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

9.1CVSS5.8AI score0.00245EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12315

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

9.1CVSS5.8AI score0.00251EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12314

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12313

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

4.7CVSS5.3AI score0.00175EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12312

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12311

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

4.7CVSS5.3AI score0.00185EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12310

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•5 views

CVE-2026-12309

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12308

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12307

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2026/06/16 11:52 a.m.•5 views

CVE-2026-12306

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References5
Total number of security vulnerabilities12982