PT-2026-24350

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.5 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. A heap-buffer-overflow read exists in the CIccXmlArrayType::DumpArray function, leading to out-of-bounds read...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

EUVD-2026-10295

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...

CVE-2026-30896

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...

Installer for Qsee Client may insecurely load Dynamic Link Libraries

Overview The installer for Qsee Client provided by Qsee contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-30896 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. report...

CVE-2026-30896

The CVE concerns Qsee Client before or equal to version 1.0.1, where the installer insecurely loads Dynamic Link Libraries (DLLs). The root cause is improper handling of DLL loading in the installer, enabling a local attacker to place a malicious DLL in the same directory and cause the affected i...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Coverage-Guided Multi-Agent Harness Generation for Java Library Fuzzing

Coverage-guided fuzzing has proven effective for software testing, but targeting library code requires specialized fuzz harnesses that translate fuzzer-generated inputs into valid API invocations. Manual harness creation is time-consuming and requires deep understanding of API semantics,...

RHEL 8 : thunderbird (RHSA-2026:3980)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3980 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox:...

ai.platon.gora:gora-core (=1.0.0), ai.platon.gora:gora-mongodb (=1.0.0) +1296 more potentially affected by CVE-2026-24308 via org.apache.zookeeper:zookeeper (>=3.9.0 <=3.9.4)

org.apache.zookeeper:zookeeper MAVEN version =3.9.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =1.1.1, =1.1.1, =1.1.1, =1.1.1, =1.1.2 and more Source cves: CVE-2026-24308 Source advisory: SNYK:JAVA-ORGAPACHEZOOKEEPER-15443353...

[SECURITY] Fedora 42 Update: python3.10-3.10.19-4.fc42

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

[SECURITY] Fedora 44 Update: python3.10-3.10.19-4.fc44

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

Security Bulletin: Vulnerability in openssl and openssl-libs affects IBM Db2 Data Management Console .

Summary openssl and openssl-libs open source library is used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2023-0286 DESCRIPTION: There is a type confusion vulnerability relating to X.400 address...

AlmaLinux 9 : thunderbird (ALSA-2026:3516)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3516 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...