Monthly
Snort 3 Detection Engine crashes when processing malformed VBA data due to improper decompression error handling, allowing unauthenticated remote attackers to trigger denial-of-service conditions across multiple Cisco products. An attacker can exploit this vulnerability by sending crafted VBA payloads to cause unexpected engine restarts without requiring authentication or user interaction. No patch is currently available for this medium-severity flaw.
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Snort 3 Detection Engine crashes when processing malformed VBA data due to improper decompression error handling, allowing unauthenticated remote attackers to trigger denial-of-service conditions across multiple Cisco products. An attacker can exploit this vulnerability by sending crafted VBA payloads to cause unexpected engine restarts without requiring authentication or user interaction. No patch is currently available for this medium-severity flaw.
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.
The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.