
85 matches found

NVD
added 2026/03/25 1:17 a.m., 2 views

CVE-2026-20639

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption...

CVSS 7.5, EPSS 0.00599
Exploits 0, References 3

NVD
added 2026/02/27 9:16 p.m., 5 views

CVE-2026-28338

PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's vbhtml and yahtml report formats insert rule violation messages into HTML output without escaping. When PMD analyzes untrusted source code containing crafted string literals, the generated HTML report contains...

CVSS 6.8, EPSS 0.00297
Exploits 1, References 3

EUVD
added 2026/01/27 2:26 p.m., 5 views

EUVD-2026-4826

A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds write...

CVSS 5.4, AI score 5.9, EPSS 0.00325
Exploits 1, References 2

Tenable Nessus
added 2025/12/03 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-66399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration...

CVSS 8.8, AI score 7.5, EPSS 0.10757
Exploits 1, References 3

CNNVD
added 2025/10/13 12:00 a.m., 3 views

Elastic Cloud Enterprise Security Vulnerability

Elastic Cloud Enterprise is a cloud platform from the Dutch company Elastic. It makes it easy to deploy, operate and scale Elastic Stack in the cloud. A security vulnerability exists in Elastic Cloud Enterprise that stems from improper neutralization of special elements in the template engine,...

CVSS 9.1, AI score 6.7, EPSS 0.00565
Exploits 0, References 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2011-2160

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01093
Exploits 0, References 7

EUVD
added 2025/10/07 12:30 a.m., 11 views

EUVD-2021-2190

Malware in sbrugna...

CVSS 6.1, AI score 6.2, EPSS 0.01056
Exploits 0, References 5

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2010-1206

Malware in sbrugna...

CVSS 9.3, AI score 6.4, EPSS 0.08533
Exploits 1, References 4

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2015-2866

Malware in sbrugna...

CVSS 4.3, AI score 6.1, EPSS 0.02375
Exploits 0, References 10

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2016-5801

Malware in sbrugna...

CVSS 9.8, AI score 9.5, EPSS 0.03816
Exploits 0, References 4

EUVD
added 2025/10/03 8:07 p.m., 10 views

EUVD-2022-33472

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.5, EPSS 0.00388
Exploits 0, References 1

Veracode
added 2025/09/22 7:07 a.m., 8 views

Prototype Pollution

devalue is vulnerable to prototype pollution. The vulnerability is due to devalue.parse not validating that an index is numeric, which allows an attacker to pass a crafted string with a __proto__ property to assign prototypes to objects and properties...

CVSS 7.9, AI score 6.9, EPSS 0.00345
Exploits 0, References 2, Affected Software 1

Positive Technologies
added 2025/09/15 12:00 a.m., 1 view

PT-2025-37844

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.7; macOS versions prior to Sonoma 14.8; macOS versions prior to Tahoe 26. Description: The issue was addressed with improved bounds checks. Processing a maliciously crafted string may lead to heap corruption...

CVSS 5.5, AI score 6.1, EPSS 0.00193
Exploits 0, References 8

CNNVD
added 2025/09/15 12:00 a.m., 2 views

Apple macOS Buffer Error Vulnerability

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A buffer error vulnerability exists in Apple macOS that stems from insufficient boundary checking when processing specially crafted strings, which could lead to heap corruption...

CVSS 5.5, AI score 6.3, EPSS 0.00193
Exploits 0, References 7

RedhatCVE
added 2025/05/22 10:14 a.m., 8 views

CVE-2019-11391

An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with $a at the beginning and nested repetition operators. NOTE: the softwa...

CVSS 5.3, AI score 6.8, EPSS 0.01625
Exploits 1, References 1

NVD
added 2025/03/14 4:15 p.m., 25 views

CVE-2022-29059

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb version 7.0.1 and below, 6.4.2 and below, 6.3.20 and below, 6.2.7 and below may allow a privileged attacker to execute SQL commands over the log database via specifically crafted...

CVSS 7.2, EPSS 0.00388
Exploits 0, References 1

RedHat Linux
added 2024/08/20 8:33 p.m., 2 views

python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

An inefficient regular expression complexity flaw was found in the Truncator.words function and truncatewords_html filter of Django. This issue may allow an attacker to use a suitably crafted string to cause a denial of service...

CVSS 5.3, AI score 7, EPSS 0.01854
Exploits 0, References 5

NVD
added 2024/05/21 2:15 a.m., 15 views

CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device...

CVSS 5.5, AI score 5.6, EPSS 0.00145
Exploits 0, References 1

Vulnrichment
added 2024/05/21 1:29 a.m., 16 views

CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device...

CVSS 5.5, AI score 7.1, EPSS 0.00145
Exploits 0, References 1

OSV
added 2024/05/14 4:17 p.m., 0 views

CVE-2024-33577

A vulnerability has been identified in Simcenter Femap All versions V2406. The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current...

CVSS 7.3, AI score 5.9, EPSS 0.00231
Exploits 0, References 2