6577 matches found
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=1880429 reports: Mitigation bypass in the DOM: postMessage component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2027541 reports: Use-after-free in the JavaScript Engine component...
Mozilla -- Uninitialized memory
https://bugzilla.mozilla.org/showbug.cgi?id=2022604 reports: Uninitialized memory in the Audio/Video: Web Codecs component...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=2010727%2C2019004%2C2019224%2C2019547%2C2020378%2C2022381%2C2022608%2C2022785%2C2023120%2C2023128%2C2023140%2C2023279%2C2023836%2C2023882%2C2023925%2C2023950%2C2023959%2C2023965%2C2024243%2C2024245%2C2024247%2C2024253%2C2024346%2C2024357%2C2024416%2C...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=1935995%2C1999158%2C2015952%2C2021909%2C2022026%2C2022041%2C2022088%2C2022276%2C2022335%2C2022338%2C2022373%2C2022597%2C2022874%2C2023276%2C2023544%2C2023551%2C2023599%2C2023608%2C2023814%2C2024233%2C2024239%2C2024241%2C2024242%2C2024250%2C2024251%2C...
Mozilla -- Invalid pointer
https://bugzilla.mozilla.org/showbug.cgi?id=2022746 reports: Invalid pointer in the Audio/Video: Playback component...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2016915 reports: Mitigation bypass in the DOM: Security component...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2026089 reports: Incorrect boundary conditions in the Libraries component in NSS...
Mozilla -- Privilege escalation in the Debugger component
https://bugzilla.mozilla.org/showbug.cgi?id=2023753 reports: Privilege escalation in the Debugger component...
Mozilla -- Other issue in the Libraries component in NSS
https://bugzilla.mozilla.org/showbug.cgi?id=2023209 reports: Other issue in the Libraries component in NSS...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2021666 reports: Mitigation bypass in the File Handling component...
Mozilla -- Spoofing issue
https://bugzilla.mozilla.org/showbug.cgi?id=2021080 reports: Spoofing issue in the DOM: Core & HTML component...
Mozilla -- Incorrect boundary
https://bugzilla.mozilla.org/showbug.cgi?id=2027501 reports: Incorrect boundary conditions in the WebRTC component...
Mozilla -- Invalid pointer
https://bugzilla.mozilla.org/showbug.cgi?id=2013588 reports: Invalid pointer in the JavaScript: WebAssembly component...
Mozilla -- Information disclosure
https://bugzilla.mozilla.org/showbug.cgi?id=2022610 reports: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component...
Mozilla -- Privilege escalation
https://bugzilla.mozilla.org/showbug.cgi?id=2023407 reports: Privilege escalation in the Graphics: WebRender component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2021769 reports: Use-after-free in the WebRTC component...
MySQL -- Multiple vulnerabilities
Oracle reports: See linked CVE's for details...
Mozilla -- Information disclosure in the IP Protection component
https://bugzilla.mozilla.org/showbug.cgi?id=2026571 reports: Information disclosure in the IP Protection component...
Mozilla -- Other issue in the JavaScript Engine component
https://bugzilla.mozilla.org/showbug.cgi?id=2023343 reports: Other issue in the JavaScript Engine component...
Mozilla -- Denial-of-service
https://bugzilla.mozilla.org/showbug.cgi?id=2025583 reports: Denial-of-service in the Audio/Video: Playback component...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2023615 reports: Mitigation bypass in the Networking: Cookies component...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2023207 reports: Incorrect boundary conditions in the Libraries component in NSS...
Mozilla -- Privilege escalation
https://bugzilla.mozilla.org/showbug.cgi?id=2017857 reports: Privilege escalation in the Networking component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2016164 reports: Use-after-free in the Widget: Cocoa component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2013619 reports: Use-after-free in the JavaScript: WebAssembly component...
Mozilla -- Uninitialized memory
https://bugzilla.mozilla.org/showbug.cgi?id=2025883 reports: Uninitialized memory in the Audio/Video: Web Codecs component...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2027499 reports: Incorrect boundary conditions in the WebRTC component...
libXpm -- Out-of-bounds read in xpmNextWord()
The X.Org project reports: libXpm uses a number of internal helper functions to parse the XPM file format. One of these internal functions, xpmNextString, checks for the NULL terminator when looking for the end of the current string but not when looking for the beginning of the next string. A sma...
FreeBSD -- Missing large page handling in pmap_pkru_update_range()
Problem Description: In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface...
FreeBSD -- Kernel use-after-free bug in the TIOCNOTTY handler
Problem Description: The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. Impact: A...
firefox -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2014596 reports: Use-after-free in the DOM: Core & HTML component...
zeek -- potential DoS vulnerabilities
Tim Wojtulewicz of Corelight reports: A series of DNS messages containing long DNS compression chains can cause Zeek to spend a long time processing packets and potentially crash. Due to the fact that these packets can be received from remote hosts, this is a DoS risk. A specially-crafted LDAP...
ejabberd -- Potential DDoS in XML Parser
ejabberd team reports: This release adds new options that limit max memory used by XML parser used to process XMPP payloads, to prevent potential Denial of Service attack. The default values for pre-auth provide sufficient protection for ejabberd against non-authenticated users on c2s and s2s, so...
OpenVPN -- server DOS and data leak in TLS handshake vulnerabilities
Gert Doering reports: Security fixes in 2.7.2 fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances CVE-2026-40215 fix server termination on receiving a suitably malformed packet with a valid tls-crypt-v2 key...
lcms2 -- Integer overflow
https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 reports: Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
Emacs -- Heap out-of-bounds write when rendering SVG images
Problem Description When GNU Emacs renders an SVG image whose image spec includes a :css property, an off-by-one error in svgloadimage writes a NUL byte one position past the end of a heap allocation. The copied string is also left without NUL termination within its allocation, causing a subseque...
OpenEXR -- several integer overflow vulnerabilities
Cary Phillips reports: OpenEXR 3.4.10 is a patch release that addresses the following security vulnerabilities: CVE-2026-39886 HTJ2K Signed Integer Overflow in htundoimpl CVE-2026-40244 Integer overflow in DWA setupChannelData planarUncRle pointer arithmetic missed variant of CVE-2026-34589...
devel/ocaml-opam -- CWE-24 Path Traversal: '../filedir'
https://github.com/ocaml/opam/releases/tag/2.5.1 reports: In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. Reported by Andrew Nesbitt...
(lib)expat -- Insufficient entropy
https://github.com/libexpat/libexpat/pull/1183 reports: libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
chromium -- security fixes
Chrome Releases reports: This update includes 31 security fixes: 490170083 Critical CVE-2026-6296: Heap buffer overflow in ANGLE. Reported by cinzinga on 2026-03-05 493628982 Critical CVE-2026-6297: Use after free in Proxy. Reported by heapracer on 2026-03-17 495700484 Critical CVE-2026-6298: Hea...
xwayland -- Multiple vulnerabilities
X.Org project reports: Multiple issues have been found in the X server and Xwayland implementations published by X.Org for which we are releasing security fixes for in xorg-server-21.1.22 and xwayland-24.1.10...
xorg-server -- Multiple vulnerabilities
X.Org project reports: Multiple issues have been found in the X server and Xwayland implementations published by X.Org for which we are releasing security fixes for in xorg-server-21.1.22 and xwayland-24.1.10...
PHP Composer -- Multiple vulnerabilities
Composer project reports: Fixed command injection via malicious Perforce reference GHSA-gqw4-4w2p-838q / CVE-2026-40261 Fixed command injection via malicious Perforce repository definition GHSA-wg36-wvj6-r67p / CVE-2026-40176...
dash -- arith: INTMAX_MIN / -1 overflow
https://git.kernel.org/pub/scm/utils/dash/dash.git/commit/?id=0034bfe185d3d875cebace8cb3ca5c9dabf9e0f3 reports: Division and remainder currently guard against division by zero, but not against the signed overflow case INTMAXMIN / -1. On affected systems this can trigger SIGFPE during arithmetic...
Vaultwarden -- Multiple vulnerabilities
The Vaultwarden project reports: GHSA-937x-3j8m-7w7p Unconfirmed Owner Can Purge Entire Organization Vault. GHSA-569v-845w-g82p Cross-Org Group Binding Enables Unauthorized Read And Write Access Into Another Organization GHSA-6j4w-g4jh-xjfx Refresh tokens not invalidated on security stamp rotatio...
Python -- use-after-free vulnerability in decompressors under memory pressure
Seth Larson reports: There is a CRITICAL severity vulnerability affecting CPython. Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be...
tree-sitter-cli -- Always-Incorrect Control Flow Implementation in wasmtime crate
https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q49f-xg75-m9xw reports: Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result ...
Gitlab -- vulnerabilities
Gitlab reports: Exposed Method issue in websocket connections impacts GitLab CE/EE Denial of Service issue in Terraform state lock API impacts GitLab CE/EE Denial of Service issue in GraphQL API impacts GitLab CE/EE Denial of Service issue in CSV import impacts GitLab CE/EE Denial of Service issu...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=2025475%2C2025477 reports: Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary...