38396 matches found
SAMSUNG SMR 安全漏洞
SAMSUNG SMR is a system patch package developed by Samsung Electronics of South Korea. It provides patches for Samsung mobile applications. Versions prior to SAMSUNG SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android applicatio...
CVE-2024-51395
CVE-2024-51395 affects ArduPilot Copter via a buffer overflow in the AP_SmartAudio::loop/ AP_SmartAudio.cpp path. The issue is triggered by the latest commit 92693e023793133e49a035daf37c14433e484778, enabling a local attacker to cause a denial of service. Documents consistently describe the vulne...
CVE-2024-51395
Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the APSmartAudio::loop, APSmartAudio, APSmartAudio.cpp components...
BELL-CVE-2026-45130
Bulletin has no description...
CVE-2026-44245
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 2.5.2, Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses...
CVE-2026-44245
CVE-2026-44245 affects Kyverno’s policy-reporter-ui where the PropertyCard.vue component uses Vue.js v-html to render non-URL strings, bypassing escaping and allowing stored HTML payloads from Kubernetes PolicyReport.results[].properties to flow into the DOM. The isURL() guard only filters http/h...
EUVD-2026-29763
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
Dependency on Vulnerable Third-Party Component
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Dependency on Vulnerable Third-Party Component through the use of a vulnerable third-party component. An attacker can cause the application to crash by sending specially...
Dependency on Vulnerable Third-Party Component
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Dependency on Vulnerable Third-Party Component due to the use of a vulnerable third-party component. An attacker can cause the application to crash by sending specially...
CVE-2025-65086 Out-of-bounds write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...
CVE-2026-26164
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
CVE-2026-34652
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34652 Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34652
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34652 Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34654 Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34654 Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34654
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
EUVD-2026-29714
Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-29685
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...