ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

RLSA-2026:11349 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 For more details about the security issues, including the impact, a CVSS...

angr 9.2.213

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

ROS-20260429-73-0011

A vulnerability in the pgtrgm component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

RockyLinux 8 : libxml2 (RLSA-2026:11349)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11349 advisory. libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description block...

ROS-20260429-73-0030

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0024

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Acronis DeviceLock DLP 代码问题漏洞

Acronis DeviceLock DLP is a terminal security protection system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to version 9.0.93212 contained code vulnerabilities related to DLL hijacking,...

ROS-20260429-73-0029

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0025

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0012

A vulnerability in the pgtrgm component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

PT-2026-36898

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.33 n8n versions prior to 2.17.5 Description An issue in the 'dynamic-node-parameters' endpoints allows an authenticated user with access to a shared workflow to supply a foreign credential ID in the request body...

ROS-20260429-73-0026

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...

CVE-2026-7279

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

CVE-2026-7279

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

EUVD-2026-26028

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

CVE-2026-1460

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...