10313 matches found
CVE-2026-22555
Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...
CVE-2026-14606
CVE-2026-14606 affects RT-Thread up to version 5.0.2, specifically the CAN_Receive function in SWM341 CAN Handler (SWM341.h in bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport). The issue is a stack-based buffer overflow triggered by manipulating the function, with local access required. The v...
EUVD-2026-41563
A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...
CVE-2026-14605
CVE-2026-14605 affects RT-Thread up to 5.0.2. The vulnerability is in the function recvmsg within bsp/loongson/ls1cdev/libraries/ls1c_can.h of the ls1c CAN Handler . It enables a stack-based buffer overflow when processing input, with local access required to exploit. Public exploit code exists. ...
EUVD-2026-41562
A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...
PT-2026-55579
Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...
UBUNTU-CVE-2026-53326
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...
CVE-2026-13490
A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...
EUVD-2026-39990
A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...
EulerOS 2.0 SP15 : kernel (EulerOS-SA-2026-2444)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 bpf: Fix undefined behavior in interpreter sdiv/smod for INTMINCVE-2026-31525...
CVE-2026-28385 SSRF via image import from URL allows internal network probing by authenticated users
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
EUVD-2026-39805
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
Oracle Linux 9 : kernel (ELSA-2026-27789)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...
CVE-2026-9780
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...
Astra Linux – Vulnerability in GIMP
GIMP PGM File Parsing: Uninitialized Memory Causes Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or...
Astra Linux – Vulnerability in GIMP
GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...
PT-2026-52121
Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description A directory traversal flaw exists in the updateLicense method, where a lack of proper validation of user-supplied paths allows authenticated remote attackers to delete arbitrary files. Th...
PT-2026-52124
Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description An issue in the restoreDB function allows authenticated remote attackers to execute arbitrary code in the context of SYSTEM. This occurs due to insufficient validation of a user-supplied...
kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg()
A flaw was found in the Linux kernel's Controller Area Network CAN ISO-TP isotp module. This vulnerability, known as a use-after-free, occurs when the system attempts to free a memory region while it is still being used. A local attacker could trigger this condition by sending a signal that...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevents calling kfreeskb in a hard IRQ context. If a driver calls cangetechoskb during a hardware IRQ which is often, but not always the case, the WARNONinirq in net/core/skbuff.cskbreleaseheadstate migh...