FlexRIC security vulnerabilities

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from the use of a uint16t counter for xappid assignment, but the counter is stored in a uint32t field. As a result of this counter...

Hitachi Energy HiDraw 安全漏洞

Hitachi Energy HiDraw is a power transformer design software developed by Hitachi Corporation in Japan. Hitachi Energy HiDraw contains a security vulnerability caused by a heap buffer overflow. This vulnerability could allow malicious users with local access to cause memory corruption and potenti...

Astra Linux - уязвимость в docker.io-app

Moby version 25.0.3 has a race condition vulnerability in the StreamFormatter package. This vulnerability can be exploited to trigger multiple concurrent write operations, leading to data corruption or application crashes...

Use After Free

Electron is vulnerable to Use After Free. The vulnerability is due to improper handling of child windows in offscreen rendering mode after the parent WebContents is destroyed, which allows an attacker to trigger memory corruption or application crashes through crafted child window interactions...

MongoDB PHP Driver 安全漏洞

The MongoDB PHP Driver is an open-source driver developed by MongoDB for PHP applications, enabling connection to MongoDB databases. The MongoDB PHP Driver has a security vulnerability that stems from a stack overflow issue when processing deeply nested BSON documents, which may lead to applicati...

Qt SVG 安全漏洞

Qt SVG is a graphics processing module developed by the Qt company. Versions of Qt SVG from 6.7.0 to 6.8.8, as well as versions from 6.9.0 to 6.11.1, have security vulnerabilities. These vulnerabilities stem from type confusion during the processing of SVG markup references, which may lead to...

[SECURITY] Fedora 44 Update: kf6-kcrash-6.25.0-1.fc44

KCrash provides support for intercepting and handling application crashes...

Denial Of Service (DoS)

Electron is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of invalid clipboard image data leading to unchecked null bitmap usage, which allows an attacker to cause application crashes when malformed image data is processed...

Use After Free

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free in the powerMonitor function. An attacker can cause memory corruption or application crashes by triggering...

CVE-2026-3778

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities arise from failing to detect or prevent...

LibVNCServer 缓冲区错误漏洞

LibVNCServer is a cross-platform C language library developed by LibVNC, which supports implementing VNC Virtual Network Computing server or client functions within programs. Versions of LibVNCServer prior to 0.9.15 contain a buffer error vulnerability. This vulnerability stems from heap...

Integer Overflow or Wraparound

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Denial-of-Service (DoS)

jsPDF is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to unvalidated image dimensions in the addImage and html methods, where attacker-controlled BMP images with excessively large width or height values trigger excessive memory allocation, leading to out-of-memory errors and...

Nsasoft Nsauditor 安全漏洞

Nsasoft Nsauditor is a network security software developed by the American company Nsasoft. Version Nsasoft Nsauditor 3.2.0.0 contains a security vulnerability. This vulnerability stems from improper handling of the registered name input field, which may lead to application crashes...

UltraVNC Launcher 安全漏洞

UltraVNC Launcher is a launcher for the remote control software developed by UltraVNC Corporation. Version 1.2.4.0 of UltraVNC Launcher contains a security vulnerability, which stems from improper handling of the relay host configuration fields, potentially leading to application crashes...

libsoup 安全漏洞

Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a security vulnerability that stems from an error in calculating the length of multipart HTTP responses. This error can lead to stack buffer overflows, memory corruption, application crashes, or the execution of arbitrary code...

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Adobe Illustrator Specifically for versions 29.8.3, 30.0 and earlier. The vulnerabilities are in the way Adobe Illustrator handles specially crafted files. The first vulnerability involves an Unreliable Search Path issue that can lead to arbitrary code execution...

RIOT OS 安全漏洞

RIOT OS is an IoT operating system from RIOT Open Source. A security vulnerability exists in RIOT OS version 2026.01-devel-317 and earlier, which stems from a lack of boundary checking when the ethos tool handles serial frame data, which could lead to memory corruption and application crashes...

CVE-2025-55309

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change...