16953 matches found
EUVD-2026-42275
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
CVE-2026-55380
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
EUVD-2026-41901
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
OPENSUSE-SU-2026:11188-1 json-c-devel-0.19-1.1 on GA media
These are all security issues fixed in the json-c-devel-0.19-1.1 package on the GA media of openSUSE Tumbleweed...
RLSA-2026:33092 Moderate: glibc security, bug fix, and enhancement update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
CVE-2026-14639
A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-14639 CodeAstro Ecommerce Website my_account.php sql injection
A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...
Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak System
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak System version 2.3.6.1 and IBM Cloud Pak System version 2.3.5.1. Vulnerability Details CVEID:CVE-2025-0395 DESCRIPTION: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for...
SUSE-SU-2026:2731-1 Security update for editorconfig-core-c
This update for editorconfig-core-c fixes the following issue: - CVE-2026-40489: improper use of strcpy can lead to a stack buffer overflow bsc1262131...
CVE-2026-8699
A stored Cross-Site Scripting XSS vulnerability has been identified in the web-based management interface of Archer C5 v6.8 routers, due to insufficient server-side validation and lack of proper output encoding of user-controlled input in a certain field. An attacker with administrative privilege...
RHSA-2026:34211 Red Hat Security Advisory: glibc security update
Bulletin has no description...
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...
RLSA-2026:33226 Moderate: glibc security, bug fix, and enhancement update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
RLSA-2026:33126 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
EUVD-2026-40422
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
DEBIAN-CVE-2026-50003
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
CVE-2026-50003
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
RHSA-2026:33231 Red Hat Security Advisory: glibc security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2026:33230 Red Hat Security Advisory: glibc security update
Bulletin has no description...
RHSA-2026:33126 Red Hat Security Advisory: glibc security update
Bulletin has no description...