12 matches found
CVE-2026-45696
CVE-2026-45696 affects OpenEXR 3.4.0–3.4.11, where the HTJ2K decoder’s ht_undo_impl() can perform a heap-buffer-overflow READ due to a width mismatch between the EXR codestream and the declared line width. The decoder copies 32-bit samples from cur_line->i32[] without validating the OpenJPH li...
Exploit for CVE-2026-8181
CVE-2026-8181 — Burst Statistics Authentication Bypass to Admi...
CVE-2026-41326 Kata Containers: CopyFile Policy Subversion via Symlinks
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...
PT-2026-29622
Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.6 Description OpenEXR, a specification and reference implementation of the EXR file format used in the motion picture industry, contains a flaw. A crafted .exr file utilizing HTJ2K compression and a channel...
ai.ancf.lmos:arc-runner (=0.114.0), ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0) +1035 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-starter-actuator (>=3.4.0 <=3.4.13)
org.springframework.boot:spring-boot-starter-actuator MAVEN version =3.4.0, =0.5.0, =0.8.0, =0.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.1.2 and more Source cves: CVE-2026-22731 Source advisory: OSV:GHSA-8HFC-FQ58-R658...
Exploit for CVE-2025-68434
CVE-2025-68434: CSRF Unauthorized Administrator Creation in Op...
CVE-2025-58243
Missing Authorization vulnerability in Jthemes imEvent imevent allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects imEvent: from n/a through = 3.4.0...
CVE-2025-53343
Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through = 3.4.0...
CVE-2025-53343
Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through = 3.4.0...
PT-2025-33374 · Unknown · Goodlayers Modernize
Name of the Vulnerable Software and Affected Versions: GoodLayers Modernize versions through 3.4.0 Description: The software contains a missing authorization flaw that allows exploitation due to incorrectly configured access control security levels. Recommendations: Update GoodLayers Modernize to...
CVE-2025-24754
Missing Authorization vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through = 3.4.0...
CVE-2022-43851
IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...