61323 matches found
CVE-2026-0144
The CVE-2026-0144 issue is described as a memory safety flaw in writeAocCommand of AocAudioCodec.cpp caused by a missing bounds check, potentially enabling remote denial of service without user interaction. Exploitation details, affected products/versions, and remediation are not provided in the ...
CVE-2026-0141
In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0141
CVE-2026-0141 describes a likely out-of-bounds read in decodeAppPacket of RtcpAppPacket.cpp caused by a missing bounds check. The vulnerability enables a remote information disclosure without requiring additional execution privileges and without user interaction. Public references in the provided...
CVE-2026-0139
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0139
CVE-2026-0139 affects the Modem with an out-of-bounds write caused by a missing bounds check, enabling remote code execution without privileges or user interaction. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH). The Android Pixel bulletin and related ...
CVE-2026-0136
CVE-2026-0136 affects the Modem component, where a missing bounds check allows an out-of-bounds read. This can lead to remote denial of service without user interaction and with no additional execution privileges required. Public references consistently describe it as a DoS condition impacting Mo...
CVE-2026-0136
In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0133
In smmu_attach_dev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0133
Affected component: arm-smmu-v3.c (smmu_attach_dev). The issue is a missing permission check that can allow signing malicious Android Runtime bootclass artifacts, enabling local escalation of privilege without extra execution privileges. Exploitation requires local access; user interaction is not...
CVE-2026-0129
In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0129
The CVE-2026-0129 entry concerns RtcpByePacket::decodeByePacket with a missing bounds check that can lead to remote information disclosure. The available sources (NVD, OSV, PT security, Android Pixel bulletin) indicate this is related to libpixelimsmedia and triggers information disclosure withou...
CVE-2026-0126
In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.
A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...
GHSA-9C59-2MVC-VFR8 Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7 Endpoints
Summary: Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations on user-owned resources — messages, sessions, build artifacts, and LLM transaction logs — without verifying that the authenticated requester owns the targeted resource. Any authenticated...
Natural Language Toolkit (NLTK): URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read
Summary: nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments when using the nltk: URL scheme. The unsafe-path regex check is performed before url2pathname decodes the %xx sequences, a classic decode-after-check / TOCTOU-style flaw, allowing ...
CVE-2026-53438
A flaw was found in Jenkins. A missing permission check allows an attacker, who has 'Item/Cancel' permission but lacks 'Item/Read' permission, to cancel queue items they are not authorized to view. This could lead to unauthorized disruption of queued tasks within Jenkins...
ROOT-APP-NPM-CVE-2021-3803 CVE-2021-3803 in @rootio/nth-check - Patched by Root
Root has patched CVE-2021-3803 in the @rootio/nth-check package for Root:npm. Multiple fixed versions available...
BIT-MYSQL-CLIENT-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...
Exploit for Improper Authentication in Checkpoint Gaia_Os
CVE-2026-50751 Scanner Multi-target detection scanner for CV...