6 matches found
EUVD-2026-40988
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
GHSA-2GG9-6P7W-6CPJ SandboxJS: Sandbox integrity escape
Summary SandboxJS blocks direct assignment to global objects for example Math.random = ..., but this protection can be bypassed through an exposed callable constructor path: this.constructor.calltarget, attackerObject. Because this.constructor resolves to the internal SandboxGlobal function and...
PT-2026-30272
Name of the Vulnerable Software and Affected Versions SandboxJS versions prior to 0.8.35 Description SandboxJS has a flaw where direct assignment to global objects is blocked, but this protection can be bypassed through a callable constructor path using this.constructor.calltarget, attackerObject...
Nextcloud Desktop Client 安全漏洞
Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany.Nextcloud Desktop Client is a desktop client application for Nextcloud. A security vulnerability exists in Nextcloud Desktop Client versions 3.13.1 through...
OpenPrinting CUPS Security Vulnerability
OpenPrinting CUPS is a standards-based, open source printing system for Linux® and other Unix®-like operating systems from OpenPrinting, Inc. A security vulnerability exists in OpenPrinting CUPS versions 2.4.8 and earlier, which originates when the cupsd server is started with a Listen...
An unspecified vulnerability exists in the Iteris Vantage Velocity Field Unit.
The Iteris Vantage Velocity Field Unit is a road monitoring field unit from Iteris USA. A security vulnerability exists in the Iteris Vantage Velocity Field Unit version 2.3.1 and 2.4.2, which originates from a program that assigns global writable privileges to the /root/cleardata.pl and...