
3593 matches found

OSV
added 2026/02/09 8:36 p.m. | 7 views

GHSA-7JX7-3846-M7W7 Craft CMS Vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior

Relationship to Previously Patched Vulnerability: This vulnerability is in addition to the RCE vulnerability patched in GHSA-255j-qw47-wjh5. That advisory addressed a similar RCE vulnerability that affected two specific routes: - /index.php?p=admin%2Factions%2Ffields%2Fapply-layout-element-setting...

CVSS 8.6 | AI score 6.3 | EPSS 0.00315
Exploits: 1 | References: 6

RedHat Linux
added 2026/02/09 6:09 p.m. | 4 views

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A null pointer dereference flaw was found in the Linux kernel's NFS functionality, in the way the client performs certain actions on an existing NFS connection. A client user could use this flaw to crash the server system...

AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 5

RedHat Linux
added 2026/02/09 4:51 a.m. | 1 view

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A null pointer dereference flaw was found in the Linux kernel's NFS functionality, in the way the client performs certain actions on an existing NFS connection. A client user could use this flaw to crash the server system...

AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 5

OSV
added 2026/02/09 12:00 a.m. | 5 views

ALSA-2026:2264 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it (CVE-2025-38403); kernel: net: use dst_dev_rcu in sk_setup_caps (CVE-2025-40170); kernel: ipv6: use RCU in ip6_xmit...

CVSS 7.8 | AI score 5.4 | EPSS 0.00208
Exploits: 0 | References: 18

OSV
added 2026/02/05 5:16 p.m. | 2 views

CVE-2020-37119

Nsauditor 3.0.28 and 3.2.1.0 contain a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a...

CVSS 9.8 | AI score 6.4
Exploits: 0 | References: 3

CVE
added 2026/02/03 10:01 p.m. | 10 views

CVE-2020-37080

CVE-2020-37080 affects webTareas 2.0.p8, where the print_layout.php administration component contains a file-deletion vulnerability. The vulnerable element is the server-side handling of the atttmp1 parameter, which can be manipulated to delete arbitrary files on the server. Documents consistentl...

CVSS 9.8 | AI score 5.6 | EPSS 0.00087
Exploits: 0 | References: 3

Cvelist
added 2026/02/03 10:01 p.m. | 19 views

CVE-2020-37080 webTareas 2.0.p8 - Arbitrary File Deletion

webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through ...

CVSS 9.8 | EPSS 0.00087
Exploits: 0 | References: 3

Vulnrichment
added 2026/02/03 10:01 p.m. | 1 view

CVE-2020-37080 webTareas 2.0.p8 - Arbitrary File Deletion

webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through ...

CVSS 9.8 | AI score 5.6 | EPSS 0.00087
Exploits: 0 | References: 3

RedhatCVE
added 2026/02/03 8:52 a.m. | 1 view

CVE-2026-22778

A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM's multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the...

CVSS 9.8 | AI score 5.4 | EPSS 0.00778
Exploits: 0 | References: 7

OSV
added 2026/02/03 2:16 a.m. | 0 views

UBUNTU-CVE-2025-67477

Improper Neutralization of Input During Web Page Generation ('XSS' or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from before...

CVSS 6.1 | AI score 5.8 | EPSS 0.00008
Exploits: 0 | References: 3

ATTACKERKB
added 2026/02/03 1:16 a.m. | 4 views

CVE-2025-67477

Improper Neutralization of Input During Web Page Generation ('XSS' or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from before...

AI score 5.2 | EPSS 0.00008
Exploits: 0 | References: 2

Positive Technologies
added 2026/02/03 12:00 a.m. | 4 views

PT-2026-5830

webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through...

CVSS 9.8 | AI score 5.7 | EPSS 0.00087
Exploits: 0 | References: 4

CNVD
added 2026/02/02 12:00 a.m. | 3 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2026-11797)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability due to a use-after-free in the Layout: Scroll and Overflow component. An attacker can exploit this vulnerability to execute arbitrary code...

CVSS 8.8 | AI score 6.6 | EPSS 0.0008
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/30 10:07 p.m. | 3 views

CVE-2020-37043

10-Strike Bandwidth Monitor 3.9 contains a buffer overflow vulnerability that allows attackers to bypass SafeSEH, ASLR, and DEP protections through carefully crafted input. Attackers can exploit the vulnerability by sending a malicious payload to the application's registration key input, enabling...

CVSS 9.8 | AI score 6.6 | EPSS 0.00066
Exploits: 0 | References: 3 | Affected Software: 1

RedhatCVE
added 2026/01/30 10:10 a.m. | 6 views

CVE-2026-23569

An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack memory could be used ...

CVSS 7.5 | AI score 5.9 | EPSS 0.00079
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/30 12:00 a.m. | 3 views

PT-2026-5483

Name of the Vulnerable Software and Affected Versions: 10-Strike Bandwidth Monitor version 3.9. Description: The software contains a buffer overflow issue that allows attackers to bypass SafeSEH, ASLR, and DEP protections. Exploitation occurs through crafted input sent to the application’s...

CVSS 9.8 | AI score 6.7 | EPSS 0.00066
Exploits: 0 | References: 5

NVD
added 2026/01/29 9:16 a.m. | 4 views

CVE-2026-23569

An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack memory could be used ...

CVSS 7.5 | EPSS 0.00079
Exploits: 0 | References: 1

EUVD
added 2026/01/29 8:48 a.m. | 1 view

EUVD-2026-4992

An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a specially crafted packet. The leaked...

CVSS 5.4 | AI score 5.9 | EPSS 0.00014
Exploits: 0 | References: 1

Fedora
added 2026/01/29 1:11 a.m. | 4 views

[SECURITY] Fedora 42 Update: perl-HarfBuzz-Shaper-0.033-1.fc42

HarfBuzz::Shaper is a Perl module that provides access to a small subset of the native HarfBuzz library. The subset is suitable for typesetting programs that need to deal with complex languages like Devanagari. This module is intended to be used with module L...

CVSS 7.5 | AI score 5.8 | EPSS 0.00183
Exploits: 1

Fedora
added 2026/01/29 12:56 a.m. | 4 views

[SECURITY] Fedora 43 Update: perl-HarfBuzz-Shaper-0.033-2.fc43

HarfBuzz::Shaper is a Perl module that provides access to a small subset of the native HarfBuzz library. The subset is suitable for typesetting programs that need to deal with complex languages like Devanagari. This module is intended to be used with module L...

CVSS 7.5 | AI score 5.8 | EPSS 0.00183
Exploits: 1