360 matches found
PT-2026-7811
Dell Update Package DUP Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
USN-8025-1: .NET vulnerability
Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An attacker could possibly use this issue to bypass security checks and gain unauthorized access or perform data manipulation...
KB5075971: Windows Server 2012 Security Update (February 2026)
The remote Windows host is missing security update 5075971. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...
CVE-2026-1417 GPAC filedump.c dump_isom_rtp null pointer dereference
A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...
MiracleLinux 8 : qt5 (AXSA:2021-2858:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2858:01 advisory. qt: Out of bounds read in function QRadialFetchSimd from crafted svg file CVE-2021-3481 Tenable has extracted the preceding description block directly from t...
MiracleLinux 9 : qt5-qtbase-5.15.9-9.el9 (AXSA:2024-8076:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8076:01 advisory. qt: incorrect integer overflow check CVE-2023-51714 qtbase: potential buffer overflow when reading KTX images CVE-2024-25580 Tenable has extracted t...
MiracleLinux 9 : dotnet6.0-6.0.125-1.el9_3.ML.1 (AXSA:2023-7090:29)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7090:29 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...
CVE-2025-68960
Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2019-2857
Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 19.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. Successful...
NVIDIA Nemo Framework Code Issue Vulnerability
NVIDIA Nemo Framework is a framework for building and deploying generative AI models from NVIDIA. The NVIDIA Nemo Framework contains a security vulnerability that can be exploited by attackers to cause code execution, elevation of privilege, information disclosure, and data tampering...
Exploit for CVE-2025-55183
CVE-2025-55183 - Next.js RSC Server Function Source Code Discl...
Exploit for CVE-2025-55182
CVE-2025-55182 / CVE-2025-66478 Vulnerability Scanner React...
AZL-71647 CVE-2025-12385 affecting package qt5-qtdeclarative 5.12.5-5
Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...
Android Security Bulletin—December 2025Stay organized with collectionsSave and categorize content based on your preferences.
This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2025-12-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Within 48 hours afte...
TencentOS Server 3: .NET 8.0 (TSSA-2024:0048)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence AI inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. "These vulnerabilities all traced back to t...
CVE-2025-23361
NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and da...
CVE-2025-23361
CVE-2025-23361 affects NVIDIA NeMo Framework. A vulnerability in a script allows malicious input to control code generation, with potential code execution, privilege escalation, information disclosure, and data tampering. Affected product: NVIDIA NeMo Framework (version context shows 2.0.3 in one...
CVE-2025-62800
FastMCP (Python framework for MCP apps) is affected prior to version 2.13.0 by a reflected XSS in the OAuth client callback page (oauth_callback.py). The vulnerability occurs when unescaped user-controlled values are inserted into the generated HTML, enabling arbitrary JavaScript execution in the...
Linux Distros Unpatched Vulnerability : CVE-2025-61770
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffers the entire multipart preamble bytes...