367554 matches found
CVE-2026-20463
In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309...
CVE-2026-20462
In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871...
CVE-2026-20461
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-20460
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-20459
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...
CVE-2026-20458
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-20457
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...
CVE-2026-14191
An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...
CVE-2026-12943
This candidate has been reserved by an organization or individual " "that will use it when announcing a new security problem. When the candidate has been " "publicized, the details for this candidate will be provided...
CVE-2026-57963
The CVE describes a vulnerability in Thunderbird’s chat UI where an attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. Affected product: Thunderbird (chat UI component). Root cause: HTML/CSS cont...
CVE-2026-57962
The CVE-2026-57962 vulnerability affects the Thunderbird LDAP client used for address-book autocomplete. A malicious LDAP server can push arbitrarily large attacker-supplied data into Thunderbird, causing memory exhaustion and a DoS. Root cause: unbounded data accepted by the LDAP client during a...
CVE-2026-53488
CVE-2026-53488 affects containerd’s CRI plugin: image config LABELs are propagated to containers without validation, enabling potential host-command execution via a plugin that consumes labels. Concrete details across connected docs confirm this vulnerability in containerd versions prior to 1.7.3...
CVE-2026-57149
Technical details for CVE-2026-57149 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-41579
Technical details beyond the Initial Description are not provided in the connected documents; monitor for updates.
CVE-2026-54903
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...
CVE-2026-54902
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys ≥ 35 bytes from garbage collection, and a Ruby callback that triggers GC inside hashend ca...
CVE-2026-54901
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj::Parser in usual mode does not mark arrayclass and hashclass references during garbage collection, leading to Use-After-Free. If GC runs after the class is assigned but before a parse,...
CVE-2026-54900
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...
CVE-2026-54898
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...
CVE-2026-54897
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...
CVE-2026-54896
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...
CVE-2026-54592
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...
CVE-2026-54502
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fillindent in dump.h calls memsetindentstr, ' ', sizetopts-indent without...
CVE-2026-54500
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surfac...
CVE-2026-54899
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but...
CVE-2026-55223
CVE-2026-55223 affects the c3p0 JDBC connection pooling library. Before 0.14.0, c3p0 can enable a deserialization gadget “sink” when combined with other libraries: DataSource.getConnection() and ConnectionPoolDataSource.getPooledConnection() are treated as safe JavaBean properties, but invoking p...
CVE-2026-50110
The CVE-2026-50110 entry concerns Storage Concentrator (SC & SCVM) that contains hardcoded credentials for numerous internal services embedded in a configuration file. The credentials are encoded but reversible to plaintext, exposing accounts for databases, licensing, replication, and third-party...
CVE-2026-56413
CVE-2026-56413 affects StoneFly Storage Concentrator (SC & SCVM). The ms_service.pl component listening on TCP port 9000 is vulnerable to command injection. An unauthenticated remote attacker can send a specially crafted network packet that is processed without proper sanitization, enabling arbit...
CVE-2026-56415
The vulnerability CVE-2026-56415 affects the Storage Concentrator (SC & SCVM). The issue is a command injection in the debug.pl script that is reachable without authentication. A remote attacker can send a crafted HTTP request containing a malicious payload which is processed without proper input...
CVE-2026-14156
CVE-2026-14156 affects Google Chrome (StorageAccessAPI) prior to 150.0.7871.47, where insufficient policy enforcement in the StorageAccessAPI allowed a remote attacker who had compromised the renderer process to bypass the Same Origin Policy via a crafted HTML page. The impact is abuse of cross-o...
CVE-2026-14155
CVE-2026-14155 describes an issue in Google Chrome's StorageAccessAPI where insufficient policy enforcement in versions prior to 150.0.7871.47 could allow a remote attacker to leak cross-origin data via a crafted HTML page. The Chromium entry lists the impact as Low severity. The vulnerability af...
CVE-2026-14153
The CVE-2026-14153 entry describes an insecure/incorrect implementation in the Chrome browser’s Glic component prior to version 150.0.7871.47, which enables UI spoofing via a crafted HTML page when a user performs specific UI gestures. The root cause is an inappropriate implementation in Glic in ...
CVE-2026-14154
Affected software: Google Chrome DevTools. Vulnerability: Inappropriate implementation allows UI spoofing via a crafted Chrome Extension when users install a malicious extension, prior to Chrome version 150.0.7871.47. Root cause is an improper DevTools implementation. Impact: potential UI spoofin...
CVE-2026-14150
CVE-2026-14150 concerns Google Chrome where insufficient validation of untrusted input in the Speech component prior to version 150.0.7871.47 enables a remote attacker who already compromised the renderer process to perform UI spoofing via a crafted HTML page. The vulnerability is described with ...
CVE-2026-14152
CVE-2026-14152 affects ANGLE in Google Chrome, with the vulnerability described as an out-of-bounds read and write prior to Chrome 150.0.7871.47. A remote attacker who has compromised the renderer process could potentially escalate to sandbox escape via a crafted HTML page. The description notes ...
CVE-2026-14151
Affected software: Google Chrome (Chromium-based). Issue: Inappropriate implementation in AI in Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Root cause: misuse in the renderer/AI integration enabling san...
CVE-2026-14147
CVE-2026-14147 : This vulnerability affects Google Chrome’s CSS handling prior to version 150.0.7871.47, where an inappropriate implementation could allow a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. The root cause is an implementation issue in CSS process...
CVE-2026-14148
CVE-2026-14148 concerns a Type Confusion in CSS handling in Google Chrome, allowing a remote attacker to extract potentially sensitive information from a process’s memory via a crafted HTML page. The affected software is Google Chrome (Chromium-based), with the issue described as occurring in ver...
CVE-2026-14149
Concerning CVE-2026-14149: A use-after-free in Chrome’s Audio path on Linux (Chromium-based) allowed remote code execution via a crafted HTML page. Affected product: Google Chrome on Linux. Root cause: use-after-free in Audio component; impact: arbitrary code execution. Vulnerability is mitigated...
CVE-2026-14145
In Google Chrome, an inappropriate CSS implementation allows UXSS: a remote attacker can inject arbitrary scripts/HTML via a crafted HTML page. Affected product: desktop Chrome versions prior to 150.0.7871.47. Root cause: CSS handling vulnerability described as an improper implementation. Impact:...
CVE-2026-14146
Summary: CVE-2026-14146 involves an inappropriate implementation in CSS within Google Chrome (pre-150.0.7871.47) that could allow a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability is described as having a low severity. What’s affected: Google Chrome CSS handli...
CVE-2026-14144
CVE-2026-14144 affects Google Chrome before 150.0.7871.47 in the Views security UI, where an incorrect security UI could allow a remote attacker to trigger UI spoofing via a crafted HTML page if the user performs specific UI gestures. The vulnerability relies on user interaction and is tied to UI...
CVE-2026-14142
CVE-2026-14142 : In Google Chrome, an insecure implementation in Extensions prior to version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to perform UI spoofing via a crafted HTML page. The vulnerability is tied to the Extensions component, with impact d...
CVE-2026-14143
CVE-2026-14143 concerns Google Chrome on iOS, where the Passwords UI can be spoofed due to an incorrect security UI. Descriptions across sources consistently state the vulnerability allows a remote attacker to spoof UI via a crafted HTML page, with Chromium security severity listed as Low. The CV...
CVE-2026-14141
CVE-2026-14141 concerns Google Chrome on Android where an incorrect security UI in Document Picture-in-Picture could let a remote attacker spoof the domain via a crafted HTML page. The issue is tied to Chrome/Chromium’s Picture-in-Picture UI (Android) with a severity listed as Low, and affects ve...
CVE-2026-14140
The vulnerability CVE-2026-14140 affects Google Chrome on Android (pre-150.0.7871.47). It stems from insufficient validation of untrusted input in Input, enabling a remote attacker to trigger UI spoofing via a crafted HTML page. Severity is noted as Low in Chromium. Connected documents confirm th...
CVE-2026-14139
CVE-2026-14139 affects Google Chrome TabStrip. It describes an inappropriate implementation in TabStrip that allows a remote attacker to perform UI spoofing by convincing a user to engage in specific UI gestures on a crafted HTML page, before version 150.0.7871.47. The vulnerability is tied to UI...
CVE-2026-14136
CVE-2026-14136 concerns Chrome for iOS (Google Chrome on iOS). The issue is insufficient validation of untrusted input in Chrome for iOS, allowing a remote attacker to perform UI spoofing via a crafted HTML page. Affected component: Chrome on iOS before version 150.0.7871.47. Impact is UI spoofin...
CVE-2026-14138
This CVE concerns Google Chrome on Windows with an inappropriate implementation in WebAppInstalls prior to version 150.0.7871.47. The issue enables a remote attacker, by convincing a user to perform specific UI gestures on a crafted HTML page, to achieve UI spoofing due to the implementation flaw...
CVE-2026-14137
Chrome for iOS (Google Chrome on iOS) is affected by CVE-2026-14137 due to insufficient validation of untrusted input prior to 150.0.7871.47. An attacker could cause UI spoofing by convincing a user to engage in specific UI gestures on a crafted HTML page. The described impact is UI spoofing with...