Search CVE reports
351 – 360 of 30574 results
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
mchange-commons-java is a Java library of shared utility classes used by mchange projects like the c3p0 connection pool. Prior to version 0.6.0, its JNDI ObjectFactory implementation (com.mchange.v2.naming.JavaBeanObjectFactory)...
1 affected package
c3p0
| Package | 26.04 LTS |
|---|---|
| c3p0 | Needs evaluation |
Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of...
1 affected package
rust-wasmtime
| Package | 26.04 LTS |
|---|---|
| rust-wasmtime | Needs evaluation |
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to...
1 affected package
async-http-client
| Package | 26.04 LTS |
|---|---|
| async-http-client | Needs evaluation |
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message. This issue has been...
2 affected packages
golang-github-pion-dtls-v3, golang-github-pion-dtls.v2
| Package | 26.04 LTS |
|---|---|
| golang-github-pion-dtls-v3 | Needs evaluation |
| golang-github-pion-dtls.v2 | Needs evaluation |
Not in release
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix...
1 affected package
php-horde-imp
| Package | 26.04 LTS |
|---|---|
| php-horde-imp | Not in release |