Protecting Privacy Build Trust

Protecting Privacy Build Trust
Menu
  • Contact Us
Request Demo
Protecting Privacy Build Trust

Privacy Trust

on February 19, 2026 at 2:49 am — Chromium: CVE-2026-2316 Insufficient policy enforcement in Frames 

Leave a Comment / Threats & Vulnerabilities /

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information. 

on February 19, 2026 at 2:49 am — Chromium: CVE-2026-2316 Insufficient policy enforcement in Frames  Read More »

on February 18, 2026 at 10:45 am — CVE-2020-36425 An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock. 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 10:45 am — CVE-2020-36425 An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.  Read More »

on February 18, 2026 at 11:10 am — CVE-2018-19416 An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf. 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 11:10 am — CVE-2018-19416 An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf.  Read More »

on February 18, 2026 at 9:07 am — CVE-2021-22918 Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo(). 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 9:07 am — CVE-2021-22918 Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().  Read More »

on February 18, 2026 at 10:23 am — CVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 10:23 am — CVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service.  Read More »

on February 18, 2026 at 11:03 am — CVE-2020-36424 An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values. 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 11:03 am — CVE-2020-36424 An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.  Read More »