206127 matches found
CVE-2026-28704
Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...
CVE-2026-28704
EmoCheck is affected by a DLL search/loading flaw: it insecurely loads Dynamic Link Libraries (DLLs). A crafted DLL placed in the same directory can lead to arbitrary code execution under the invoking user’s privileges. Documents do not specify the vulnerable component version, exact file or DLL ...
EmoCheck loads Dynamic Link Libraries insecurely
Overview EmoCheck is a tool for detecting infections by "Emotet" malware, provided by Japan Computer Emergency Response Team Coordination Center JPCERT/CC. EmoCheck loads Dynamic Link Libraries insecurely. Uncontrolled search path element CWE-427 - CVE-2026-28704 ryo shimada of Powder Keg...
PT-2026-31881
Name of the Vulnerable Software and Affected Versions Emocheck affected versions not specified Description Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed in the same directory, arbitrary code may be executed with the privilege of the user invoking EmoCheck...
PraisonAI 安全漏洞
PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained a security vulnerability. This vulnerability stemmed from the automatic loading and execution of the tools.py file located in the working directory, which coul...
PraisonAI 安全漏洞
PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained security vulnerabilities. These vulnerabilities stemmed from the Python sandbox based on AST, which could be exploited through type.getattribute, potentially...
LiteLLM 安全漏洞
LiteLLM is an open-source application developed by Berri AI. It allows for the invocation of all LLM APIs in the OpenAI format. Versions of LiteLLM dated before April 8, 2026, contain a security vulnerability. This vulnerability stems from the /guardrails/testcustomcode URI, which allows arbitrar...
CVE-2026-31262
Cross Site Scripting vulnerability in Altenar Sportsbook Software Platform SB2 v.2.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the URL parameter...
PT-2026-31995
Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.128 Description PraisonAI's AST-based Python sandbox can be bypassed using the type. getattribute trampoline, leading to arbitrary code execution when running untrusted agent code. The execute code direct functi...
ROS-20260410-73-0006
An XRDP server vulnerability is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from inconsistent handling of environment variable overrides, which could allow attackers to provide overrid...
PT-2026-31917
Name of the Vulnerable Software and Affected Versions Netwide Assembler NASM affected versions not specified Description A heap buffer overflow occurs due to a lack of bounds checking in the obj directive function. This issue can be triggered when assembling a malicious .asm file, which may lead ...
OpenClaw has an unspecified vulnerability (CNVD-2026-19641)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A security vulnerability exists in OpenClaw that stems from automatically discovering and loading plugins from .OpenClaw/extensions/ without explicit trust validation, which can be exploited by an attacker to cause arbitrar...
Altenar Sportsbook Software Platform SB2 安全漏洞
The Altenar Sportsbook Software Platform SB2 is a betting platform and odds management system developed by the Malta-based company Altenar, aimed at the sports betting industry. Version 2.0 of the Altenar Sportsbook Software Platform SB2 contains a security vulnerability. This vulnerability stems...
Google Chrome ANGLE heap buffer overflow vulnerability (CNVD-2026-16862)
Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the ANGLE heap to properly validate the length size of input data, which can be exploited by an...
Google Chrome Dawn Component Memory Misreference Vulnerability
Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a confusion in the instructions of the Dawn component responsible for freeing memory. An attacker can...
Google Chrome GPU Heap Buffer Overflow Vulnerability
Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from the GPU heap failing to properly validate the length size of input data, which can be exploited by an attacker...
NetBT e-Fatura - Privilege Escalation
Exploit Title: NetBT e-Fatura - Privilege Escalation Author: Seccops Discovery Date: 2025-10-03 Vendor: https://net-bt.com.tr/e-fatura/ Tested Version: 2024 Tested on OS: Microsoft Windows Server 2019 DC Vulnerability Type: CWE-428 Unquoted Search Path or Element CVE: CVE-2025-14018 Note: Thanks...
FreeBSD : Mozilla -- Memory safety bugs (359d8e42-33fb-11f1-8ac1-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 359d8e42-33fb-11f1-8ac1-b42e991fc52e advisory. https://bugzilla.mozilla.org/buglist.cgi?bugid=2025475%2C2025477 reports: Memory safety bugs present in...
CVE-2026-5858
A flaw was found in WebML in Google Chrome. A remote attacker could exploit a heap buffer overflow vulnerability by enticing a user to visit a specially crafted HTML page. Successful exploitation of this memory corruption flaw could allow the attacker to execute arbitrary code on the affected...