Aggregator

Name: SAS CTF 2026 Quals (an SAS CTF event.)
Date: June 6, 2026, noon — 07 June 2026, 12:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.thesascon.com/
Rating weight: 31.00
Event organizers: Drovosec SAS CREW

Name: DalCTF 2026 (an DalCTF event.)
Date: June 6, 2026, 1 p.m. — 07 June 2026, 15:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Halifax, Canada and Online
Offical URL: https://dalctf2026.com/
Rating weight: 0
Event organizers: HTTP Status 418

Currently trending CVE - Hype Score: 6 - An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists ...

Currently trending CVE - Hype Score: 6 - A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.

Currently trending CVE - Hype Score: 6 - A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a ...

Currently trending CVE - Hype Score: 6 - A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a ...

Currently trending CVE - Hype Score: 6 - A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to ...

Currently trending CVE - Hype Score: 6 - A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but ...

Currently trending CVE - Hype Score: 6 - A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the ...

Currently trending CVE - Hype Score: 6 - A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key ...

Currently trending CVE - Hype Score: 1 - A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of ...

Currently trending CVE - Hype Score: 4 - In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcall_target that cifs.upcall treats as kernel-originating ...

A vulnerability categorized as critical has been discovered in Google Chrome on Linux. Affected by this issue is some unknown functionality of the component GFX. Executing a manipulation can lead to use after free. This vulnerability is handled as CVE-2026-10891. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Google Chrome on Windows and classified as problematic. This vulnerability affects unknown code of the component ANGLE. Executing a manipulation can lead to use of uninitialized variable. This vulnerability is registered as CVE-2026-11268. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Google Chrome. This issue affects some unknown processing of the component Omnibox. The manipulation results in use after free. This vulnerability is known as CVE-2026-11177. It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.

A vulnerability was found in Google Chrome on Android. It has been rated as problematic. This affects an unknown function of the component Navigation. This manipulation causes improper input validation. This vulnerability is handled as CVE-2026-11287. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability categorized as problematic has been discovered in Google Chrome. Affected by this vulnerability is an unknown functionality of the component Autofill. The manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability is cataloged as CVE-2026-10950. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.