Tag
#Vulnerability
40 published stories tagged with Vulnerability.
Brief: Linux Kernel xfrm6 Source Address Handling Bug Fixed
The Linux kernel fixed an xfrm6 issue where xfrm6_get_saddr() failed to check the return value of ipv6_dev_get_saddr(), leaving a source address uninitialized when address selection failed.
Defender Guidance: Linux Kernel xfrm6 Source Address Handling Bug Fixed
The Linux kernel fixed an xfrm6 issue where xfrm6_get_saddr() failed to check the return value of ipv6_dev_get_saddr(), leaving a source address uninitialized when address selection failed.
Detection Notes: Linux Kernel xfrm6 Source Address Handling Bug Fixed
The Linux kernel fixed an xfrm6 issue where xfrm6_get_saddr() failed to check the return value of ipv6_dev_get_saddr(), leaving a source address uninitialized when address selection failed.
Risk Brief: Linux Kernel xfrm6 Source Address Handling Bug Fixed
The Linux kernel fixed an xfrm6 issue where xfrm6_get_saddr() failed to check the return value of ipv6_dev_get_saddr(), leaving a source address uninitialized when address selection failed.
Brief: Linux Kernel AMDGPU VCN Poison IRQ Release Issue Fixed in Stable Kernel Code
A Linux kernel AMDGPU issue was fixed by skipping VCN poison IRQ release on VF because VCNv2.5 VF does not enable VCN poison IRQ.
Defender Guidance: Linux Kernel AMDGPU VCN Poison IRQ Release Issue Fixed in Stable Kernel Code
A Linux kernel AMDGPU issue was fixed by skipping VCN poison IRQ release on VF because VCNv2.5 VF does not enable VCN poison IRQ.
Detection Notes: Linux Kernel AMDGPU VCN Poison IRQ Release Issue Fixed in Stable Kernel Code
A Linux kernel AMDGPU issue was fixed by skipping VCN poison IRQ release on VF because VCNv2.5 VF does not enable VCN poison IRQ.
Risk Brief: Linux Kernel AMDGPU VCN Poison IRQ Release Issue Fixed in Stable Kernel Code
A Linux kernel AMDGPU issue was fixed by skipping VCN poison IRQ release on VF because VCNv2.5 VF does not enable VCN poison IRQ.
Brief: Linux Kernel MCTP Route Race Condition Patched in Stable Kernel Updates
A Linux kernel MCTP route issue was fixed by holding key->lock in mctp_flow_prepare_output(), preventing a race around key->dev access.
Defender Guidance: Linux Kernel MCTP Route Race Condition Patched in Stable Kernel Updates
A Linux kernel MCTP route issue was fixed by holding key->lock in mctp_flow_prepare_output(), preventing a race around key->dev access.
Detection Notes: Linux Kernel MCTP Route Race Condition Patched in Stable Kernel Updates
A Linux kernel MCTP route issue was fixed by holding key->lock in mctp_flow_prepare_output(), preventing a race around key->dev access.
Risk Brief: Linux Kernel MCTP Route Race Condition Patched in Stable Kernel Updates
A Linux kernel MCTP route issue was fixed by holding key->lock in mctp_flow_prepare_output(), preventing a race around key->dev access.
Brief: Tor Client Crash Vulnerability Fixed Before Version 0.4.9.7
Tor before 0.4.9.7 can experience a client crash when circuit queue memory pressure exists due to a double close of a circuit, tracked as TROVE-2026-009.
Defender Guidance: Tor Client Crash Vulnerability Fixed Before Version 0.4.9.7
Tor before 0.4.9.7 can experience a client crash when circuit queue memory pressure exists due to a double close of a circuit, tracked as TROVE-2026-009.
Detection Notes: Tor Client Crash Vulnerability Fixed Before Version 0.4.9.7
Tor before 0.4.9.7 can experience a client crash when circuit queue memory pressure exists due to a double close of a circuit, tracked as TROVE-2026-009.
Risk Brief: Tor Client Crash Vulnerability Fixed Before Version 0.4.9.7
Tor before 0.4.9.7 can experience a client crash when circuit queue memory pressure exists due to a double close of a circuit, tracked as TROVE-2026-009.
Brief: Acer PredatorSense Named Pipe Misconfiguration Enables SYSTEM Privilege Escalation
Acer PredatorSense versions 3.00.3136 through 3.00.3196 contain a local privilege escalation vulnerability caused by a misconfigured Windows named pipe.
Defender Guidance: Acer PredatorSense Named Pipe Misconfiguration Enables SYSTEM Privilege Escalation
Acer PredatorSense versions 3.00.3136 through 3.00.3196 contain a local privilege escalation vulnerability caused by a misconfigured Windows named pipe.
Detection Notes: Acer PredatorSense Named Pipe Misconfiguration Enables SYSTEM Privilege Escalation
Acer PredatorSense versions 3.00.3136 through 3.00.3196 contain a local privilege escalation vulnerability caused by a misconfigured Windows named pipe.
Risk Brief: Acer PredatorSense Named Pipe Misconfiguration Enables SYSTEM Privilege Escalation
Acer PredatorSense versions 3.00.3136 through 3.00.3196 contain a local privilege escalation vulnerability caused by a misconfigured Windows named pipe.
Brief: Mozilla Firefox ESR Audio/Video Boundary Condition Issue Fixed
Mozilla fixed incorrect boundary conditions in the Audio/Video Playback component of Firefox ESR releases.
Defender Guidance: Mozilla Firefox ESR Audio/Video Boundary Condition Issue Fixed
Mozilla fixed incorrect boundary conditions in the Audio/Video Playback component of Firefox ESR releases.
Detection Notes: Mozilla Firefox ESR Audio/Video Boundary Condition Issue Fixed
Mozilla fixed incorrect boundary conditions in the Audio/Video Playback component of Firefox ESR releases.
Risk Brief: Mozilla Firefox ESR Audio/Video Boundary Condition Issue Fixed
Mozilla fixed incorrect boundary conditions in the Audio/Video Playback component of Firefox ESR releases.
Brief: Mozilla Fixes High-Impact Memory Safety Bugs in Firefox and Thunderbird
Mozilla fixed memory safety bugs in Firefox and Thunderbird. Mozilla states some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Defender Guidance: Mozilla Fixes High-Impact Memory Safety Bugs in Firefox and Thunderbird
Mozilla fixed memory safety bugs in Firefox and Thunderbird. Mozilla states some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Detection Notes: Mozilla Fixes High-Impact Memory Safety Bugs in Firefox and Thunderbird
Mozilla fixed memory safety bugs in Firefox and Thunderbird. Mozilla states some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Risk Brief: Mozilla Fixes High-Impact Memory Safety Bugs in Firefox and Thunderbird
Mozilla fixed memory safety bugs in Firefox and Thunderbird. Mozilla states some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Brief: Mozilla Thunderbird 150.0.2 Fixes Memory Safety Bugs
Mozilla fixed memory safety bugs in Thunderbird 150.0.2. The NVD/Mozilla record says some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Defender Guidance: Mozilla Thunderbird 150.0.2 Fixes Memory Safety Bugs
Mozilla fixed memory safety bugs in Thunderbird 150.0.2. The NVD/Mozilla record says some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Detection Notes: Mozilla Thunderbird 150.0.2 Fixes Memory Safety Bugs
Mozilla fixed memory safety bugs in Thunderbird 150.0.2. The NVD/Mozilla record says some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Risk Brief: Mozilla Thunderbird 150.0.2 Fixes Memory Safety Bugs
Mozilla fixed memory safety bugs in Thunderbird 150.0.2. The NVD/Mozilla record says some bugs showed evidence of memory corruption and could potentially be exploited to run arbitrary code with enough effort.
Brief: Mozilla Firefox ESR WebRTC Issue Fixed in Firefox ESR 140.10.2
Mozilla fixed CVE-2026-8094, described by NVD as another issue in the WebRTC component, in Firefox ESR 140.10.2.
Defender Guidance: Mozilla Firefox ESR WebRTC Issue Fixed in Firefox ESR 140.10.2
Mozilla fixed CVE-2026-8094, described by NVD as another issue in the WebRTC component, in Firefox ESR 140.10.2.
Detection Notes: Mozilla Firefox ESR WebRTC Issue Fixed in Firefox ESR 140.10.2
Mozilla fixed CVE-2026-8094, described by NVD as another issue in the WebRTC component, in Firefox ESR 140.10.2.
Risk Brief: Mozilla Firefox ESR WebRTC Issue Fixed in Firefox ESR 140.10.2
Mozilla fixed CVE-2026-8094, described by NVD as another issue in the WebRTC component, in Firefox ESR 140.10.2.
Brief: NAVER MYBOX Explorer for Windows Privilege Escalation Fixed in Version 3.0.11.160
NAVER MYBOX Explorer for Windows before 3.0.11.160 contains an improper privilege check that can allow a local attacker to escalate privileges to NT AUTHORITY\SYSTEM through registry manipulation.
Defender Guidance: NAVER MYBOX Explorer for Windows Privilege Escalation Fixed in Version 3.0.11.160
NAVER MYBOX Explorer for Windows before 3.0.11.160 contains an improper privilege check that can allow a local attacker to escalate privileges to NT AUTHORITY\SYSTEM through registry manipulation.
Detection Notes: NAVER MYBOX Explorer for Windows Privilege Escalation Fixed in Version 3.0.11.160
NAVER MYBOX Explorer for Windows before 3.0.11.160 contains an improper privilege check that can allow a local attacker to escalate privileges to NT AUTHORITY\SYSTEM through registry manipulation.
Risk Brief: NAVER MYBOX Explorer for Windows Privilege Escalation Fixed in Version 3.0.11.160
NAVER MYBOX Explorer for Windows before 3.0.11.160 contains an improper privilege check that can allow a local attacker to escalate privileges to NT AUTHORITY\SYSTEM through registry manipulation.