38642 matches found
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...
firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...
Security Bulletin: IBM Maximo Application Suite - Manage Component uses ajv-6.12.6 in multiple applications which is vulnerable CVE-2025-69873
Summary IBM Maximo Application Suite - Manage Component uses ajv-6.12.6 in multiple applications which is vulnerable CVE-2025-69873 Vulnerability Details CVEID:CVE-2025-69873 DESCRIPTION: ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by cross-site scripting and vulnerable to CVE-2025-32434.
Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by cross-site scripting and vulnerable to CVE-2025-32434. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: I...
CVE-2026-5034
A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /editcostumer.php of the component Parameter Handler. This manipulation of the argument cosid causes sql injection. It is possible to initiate the attack remotely. The...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses multiple jar packages which are vulnerable to CVE-2025-24970, CVE-2025-55163.
Summary IBM Maximo Application Suite - Monitor Component uses multiple jar packages which are vulnerable to CVE-2025-24970, CVE-2025-55163. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pillow-12.1.0-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-25990.
Summary IBM Maximo Application Suite - Monitor Component uses pillow-12.1.0-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-25990. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25990 DESCRIPTION: Pillow is...
CVE-2026-5021
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
FRRouting 访问控制错误漏洞
FRouting is an open-source network routing software suite that runs on Unix-like platforms. Versions of FRRouting 10.5.1 and earlier contained a access control vulnerability, which stemmed from incorrect operations on the function processtype2route in the file bgpd/bgpevpn.c. This vulnerability...
PT-2026-29206
Name of the Vulnerable Software and Affected Versions gdk-pixbuf affected versions not specified Description A flaw exists in the gdk-pixbuf library within the JPEG image loader. This heap-based buffer overflow occurs due to improper validation of color component counts when processing a speciall...
CVE-2026-5037
A vulnerability was determined in mxml up to 4.0.4. This issue affects the function indexsort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit ha...
CVE-2026-5036 Tenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflow
A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely...
BELL-CVE-2026-23390
Bulletin has no description...
CVE-2026-5021 Tenda F453 httpd PPTPUserSetting fromPPTPUserSetting stack-based overflow
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-5021 Tenda F453 httpd PPTPUserSetting fromPPTPUserSetting stack-based overflow
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
Tenda F453 安全漏洞
The Tenda F453 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.3 of the Tenda F453 contains a security vulnerability. This vulnerability stems from improper handling of the parameter “delno” in the function “fromPPTPUserSetting” within the httpd component, which may lead...
CVE-2026-4962
A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...