120615 matches found
USN-8318-1: libcaca vulnerability
It was discovered that libcaca incorrectly handled certain malformed files. An attacker could use this issue to cause libcaca to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8318-1 libcaca vulnerability
It was discovered that libcaca incorrectly handled certain malformed files. An attacker could use this issue to cause libcaca to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8316-1 cableswig vulnerabilities
It was discovered that Expat, vendored in CableSwig, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
EUVD-2026-32062
The Query Shortcode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.2.1 via the shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary .php files on the...
CVE-2026-48962
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...
USN-8314-1 ayttm vulnerabilities
It was discovered that Expat, vendored in Ayttm, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the scanForGeometryContainers function. An attacker can achieve arbitrary code execution by supplying a crafted NetCDF file containing an oversized geometry attribute, which is read into a fixed-size stac...
CVE-2026-48962
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...
CVE-2026-49014
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the JavaExprAlgorithmExecutionFactory process. An attacker can execute arbitrary code on the underlying operating system by injecting malicious Java expressions through the REST API when authenticated with th...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Android, there was a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs by the WebAppInstalls component, which could allow local...
Debian dsa-6298 : imagemagick - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6298 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6298-1 [email protected] https://www.debian.org/securit...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Rclone vulnerabilities (USN-8299-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8299-1 advisory. It was discovered that Rclone incorrectly handled authorization in the remote control API. An attacker could...
CVE-2025-69600
CVE-2025-69600 affects RayVentory Raynet RVIA 12.6.4392.49-amd64.deb. Root cause is Argument Injection in an improperly terminated find command used to locate Java, enabling local attackers to execute arbitrary code via commands injected through getconfig, upload, or oracle options (and inventory...
CVE-2025-69600
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49...
PT-2026-44047
Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49...
GDAL 安全漏洞
GDAL is an open-source geospatial data abstraction library developed by the GDAL community. Versions 3.1.0 to 3.13.0 of GDAL contain security vulnerabilities. These vulnerabilities stem from the scanForGeometryContainers function in the netCDF driver, which reads geometric properties into a...
IO-Compress 安全漏洞
IO-Compress is a Perl library developed by Paul Marquess, which supports various compression formats. Versions of IO-Compress prior to 2.220 contained security vulnerabilities. These vulnerabilities stemmed from File::GlobMapper, where arbitrary code could be executed through an output glob...
RHEL 9 : libpng (RHSA-2026:20549)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20549 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...
RHEL 9 : libpng (RHSA-2026:20550)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20550 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...