5017 matches found
PT-2026-45760
CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in full compromise of confidentiality, integrity, and availability of affected installations...
CVE-2026-9509
An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...
EUVD-2026-33283
An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...
CVE-2025-41669
The CVE-2025-41669 entry concerns the PLCnext platform’s Web-based Management. A remote, low-privileged Engineer can install additional APPs downloaded from the PLCnext Store without data verification, enabling arbitrary code execution with root privileges on the PLCnext Control. This could impac...
JLSEC-2026-542
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability...
JLSEC-2026-532
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...
CVE-2026-9365
A flaw was found in Ettercap. A remote attacker could exploit a heap-based buffer overflow vulnerability in the GG Dissector component by manipulating the gg argument within the FUNCDECODER function. This could lead to information disclosure, integrity impact, and availability impact. The attack...
Astra Linux - уязвимость в edk2
EDK2’s Network Package is vulnerable to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of availability...
Astra Linux - уязвимость в openjpeg2
There is a flaw in the src/lib/openjp2/pi.c file of openjpeg in versions prior to 2.4.0. If an attacker can provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The most significant impact of this flaw is the application’s availability...
Astra Linux - уязвимость в imagemagick
A flaw was discovered in ImageMagick version 7.0.11. In this version, an integer overflow in the WriteTHUMBNAILImage function in the coders/thumbnail.c file may lead to undefined behavior when processing a specially crafted image file submitted by an attacker. The greatest threat posed by this...
Astra Linux - уязвимость в openjpeg2
There is a flaw in OpenJPEG’s T2 encoder in versions prior to 2.4.0. An attacker who can provide crafted input for OpenJPEG to process may cause a null pointer dereferencing. The most significant impact of this flaw is the availability of the application...
Astra Linux - уязвимость в tiff
An integer overflow flaw was discovered in libtiff, which resides in the tifgetimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The greatest threat posed by this vulnerability relates to confidentiality, integrity, and system...
Astra Linux - уязвимость в imagemagick
A flaw was discovered in ImageMagick, specifically in the code file coders/hdr.c. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned char. This likely leads to a disruption in the...
Astra Linux - уязвимость в imagemagick
A vulnerability was discovered in ImageMagick, causing a value of type ‘unsigned char’ to fall outside the representable value range when crafted or untrusted input is processed in the coders/psd.c file. This results in a negative impact on the availability of the application or other problems...
Astra Linux - уязвимость в imagemagick
A flaw was discovered in ImageMagick’s MagickCore/segment.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, specifically a division by zero in mathematics. This likely results in a disruption to the application’s functionality, but it may al...
JLSEC-2026-514
An uncontrolled resource consumption memory leak flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...
CVE-2026-41964
Permission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-41967
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-41970
Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-41965
Use-After-Free UAF vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability...