Lucene search
K
AlpinelinuxRecent

12982 matches found

AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12305

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00374EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12304

Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

9.1CVSS5.8AI score0.00189EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12303

Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

4.3CVSS5.3AI score0.00222EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12302

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.5 views

CVE-2026-12301

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.3CVSS5.8AI score0.00252EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.5 views

CVE-2026-12300

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.3CVSS5.8AI score0.00252EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12299

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.3AI score0.00306EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12298

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References20
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12297

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00393EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.7 views

CVE-2026-12296

Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00393EPSS
Exploits0References20
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12295

Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00393EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.5 views

CVE-2026-12294

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00363EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12293

Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.5 views

CVE-2026-12292

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

8.1CVSS5.8AI score0.00398EPSS
Exploits0References20
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12291

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

8.8CVSS5.8AI score0.00382EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12290

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

8.1CVSS5.8AI score0.00397EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.10 views

CVE-2026-12289

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

8.8CVSS5.2AI score0.00395EPSS
Exploits0References21
AlpineLinux
AlpineLinux
added 2026/06/16 12:0 a.m.7 views

CVE-2026-39949

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

5.3AI score
Exploits2
AlpineLinux
AlpineLinux
added 2026/06/15 7:47 p.m.6 views

CVE-2026-47261

Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 pathopen interfaces by...

7.5CVSS5.7AI score0.00357EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/15 12:8 p.m.10 views

CVE-2026-44517

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
added 2026/06/14 11:40 a.m.6 views

CVE-2026-11527

Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle. Config::IniFiles::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd...

8.6CVSS5.4AI score0.00618EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/14 11:39 a.m.15 views

CVE-2026-11526

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...

9.8CVSS5.5AI score0.01353EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/13 1:13 a.m.4 views

CVE-2026-49452

This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...

Exploits0
AlpineLinux
AlpineLinux
added 2026/06/12 8:7 p.m.7 views

CVE-2026-54057

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 color-control query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version 0.47.3 fixes the issue...

7.8CVSS5.2AI score0.00166EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/12 8:6 p.m.7 views

CVE-2026-54056

Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...

7.6CVSS5.7AI score0.00268EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/12 8:3 p.m.7 views

CVE-2026-54055

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...

5CVSS5.6AI score0.00072EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/12 8:0 p.m.7 views

CVE-2026-42851

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, an issue body in a TUI, etc. — can cause kitty to execute...

7.8CVSS5.7AI score0.00164EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/12 7:59 p.m.7 views

CVE-2026-42850

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...

7.4CVSS5.6AI score0.00287EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/12 6:8 p.m.20 views

CVE-2026-41568

Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitra...

6.1CVSS5.3AI score0.00108EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/12 5:35 p.m.22 views

CVE-2026-48165

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, a high-privileged MariaDB user could've used wsrepsstreceiveaddress or wsrepsstdonor global system...

9.1CVSS5.5AI score0.00967EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2026/06/12 5:34 p.m.22 views

CVE-2026-48163

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

9.1CVSS5.8AI score0.00654EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2026/06/12 5:34 p.m.10 views

CVE-2026-44173

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

8.1CVSS5.2AI score0.00399EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2026/06/12 5:34 p.m.11 views

CVE-2026-44172

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

9.8CVSS5.5AI score0.00419EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/12 5:33 p.m.12 views

CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/12 5:31 p.m.10 views

CVE-2026-44169

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/12 5:31 p.m.12 views

CVE-2026-44168

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

8CVSS5.8AI score0.00567EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2026/06/12 5:30 p.m.11 views

CVE-2026-44170

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP...

9.9CVSS5.5AI score0.00797EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2026/06/11 6:33 p.m.8 views

CVE-2026-52860

Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...

8CVSS5.7AI score0.00224EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2026/06/11 6:33 p.m.11 views

CVE-2026-52859

Vim is an open source, command line text editor. Prior to version 9.2.0565, the updatesnapshot function in src/terminal.c copies the visible terminal screen into the scrollback buffer when a snapshot is taken. For each screen cell it walks the cell's chars array with no upper bound, stopping only...

8.2CVSS5.6AI score0.00303EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/11 6:32 p.m.10 views

CVE-2026-52858

Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled and the legacy pythoncomplete.vim for builds with the +python interpreter executes the import and from statements foun...

7.8CVSS5.5AI score0.00201EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/11 6:32 p.m.9 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/06/11 6:31 p.m.7 views

CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

5.3CVSS5.8AI score0.00135EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/11 5:13 p.m.9 views

CVE-2026-49261

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...

10CVSS5.9AI score0.00998EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2026/06/10 10:7 p.m.9 views

CVE-2026-53465

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25...

6.2CVSS5.6AI score0.00112EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/10 10:7 p.m.9 views

CVE-2026-53464

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25...

4CVSS5.3AI score0.0011EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/10 10:5 p.m.12 views

CVE-2026-53463

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25...

4.3CVSS5.3AI score0.00187EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/10 10:4 p.m.8 views

CVE-2026-53462

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-...

5.9CVSS5.3AI score0.00227EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/10 10:3 p.m.10 views

CVE-2026-53461

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and...

7.5CVSS5.4AI score0.00353EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/10 10:2 p.m.7 views

CVE-2026-53460

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 a...

7.5CVSS5.3AI score0.00346EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/10 10:0 p.m.24 views

CVE-2026-49219

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy bypass and read files disallowed by a security policy using a symlink. This issue has been patched i...

5.5CVSS5.4AI score0.00128EPSS
Exploits0References1
Total number of security vulnerabilities12982