46 matches found
CVE-2026-26354
creationtimestamp| type| source ---|---|--- 2026-04-22 19:00:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116449896805134925 2026-04-22 20:02:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk4c2yazua2z 2026-04-22 21:20:52+00:00| seen|...
CVE-2026-26354
Dell PowerProtect Data Domain with DD OS Feature Release versions 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.10, and LTS2024 7.13.1.0–7.13.1.60 contains a stack-based Buffer Overflow vulnerability. An unauthenticated, remote attacker could potentially exploit this to achieve arbitrary command execution. ...
MiracleLinux 9 : qemu-kvm-6.2.0-11.el9.3 (AXSA:2022-4021:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4021:02 advisory. QEMU: virtio-net: map leaking on error during receive CVE-2022-26353 QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak...
Linux Distros Unpatched Vulnerability : CVE-2022-26354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading ...
CVE-2025-26354
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua copy endpoint in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to overwrite sensitive files via crafted HTTP requests...
CVE-2025-26354
creationtimestamp| type| source ---|---|--- 2025-02-12 14:50:53+00:00| seen| https://infosec.exchange/users/cve/statuses/113991473758524880 2025-02-12 15:37:05+00:00| published-proof-of-concept| Telegram/lZEJiQD3O3xPf1pBYP5mgJTFa8U9Tg1CM3lnY7moTw8EfI...
CVE-2025-26354
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua copy endpoint in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to overwrite sensitive files via crafted HTTP requests...
CVE-2025-26354
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua copy endpoint in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to overwrite sensitive files via crafted HTTP requests...
CVE-2025-26354
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua copy endpoint in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to overwrite sensitive files via crafted HTTP requests...
CVE-2025-26354
CVE-2025-26354 concerns Q-Free MaxTime
Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-26354)
The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26354 advisory. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...
CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2022-26354)
The version of qemu / qemu-kvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26354 advisory. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...
SUSE: Security Advisory (SUSE-SU-2023:3800-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:3721-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-26354
creationtimestamp| type| source ---|---|--- 2023-05-09 22:38:54+00:00| seen| https://t.me/cibsecurity/63660...
CVE-2021-26354
CVE-2021-26354 affects AMD’s ASP/Bootloader pathway (ASP/ABL) with Insufficient bounds checking that may allow a system call from a compromised ABL, initializing arbitrary memory to zero and potentially compromising integrity. The vulnerability is documented across multiple sources (NVD entry and...
CVE-2023-26354
creationtimestamp| type| source ---|---|--- 2023-03-29 00:46:07+00:00| seen| https://t.me/cibsecurity/60961...
CVE-2023-26354
Adobe Dimension 3.4.7 and earlier is affected by CVE-2023-26354, an out-of-bounds read in USD file parsing that can disclose sensitive memory and potentially bypass ASLR. Exploitation requires user interaction (opening a malicious file). Publicly documented impact is memory disclosure with a loca...
SUSE: Security Advisory (SUSE-SU-2023:0761-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)
The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...