169253 matches found
MINI-RHWG-MXWM-3HRQ
Bulletin has no description...
MINI-9G35-C55Q-6PP7
Bulletin has no description...
ECHO-81B6-9726-71C6
Bulletin has no description...
ECHO-D378-1B5A-F13E
Bulletin has no description...
ECHO-3E02-3A01-4AE3
Bulletin has no description...
EUVD-2026-37940
Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...
CVE-2026-25865
CVE-2026-25865 affects Punto Switcher 4.5.0.583. The vulnerability is an unquoted search path element invoked via WinExec when calling RunDll32.exe for shell32.dll Control_RunDLL input.dll, enabling local arbitrary code execution if an attacker places a malicious executable earlier in the search ...
DEBIAN-CVE-2026-55392
NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...
DEBIAN-CVE-2026-48937
A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a GOAWAY frame. This vulnerability affects two supported release lines: Node.js 22 and Node.js 24...
CGA-JG37-PM8G-67GR
Bulletin has no description...
CGA-4MWV-6XRJ-9CG9
Bulletin has no description...
CGA-CCX4-RJJQ-H4H8
Bulletin has no description...
CGA-4JCF-P633-VP8V
Bulletin has no description...
CGA-9QRG-V82J-WGCV
Bulletin has no description...
Security Bulletin: Vulnerability with the open source Perl Compatible Regular Expression (PCRE) library used in IBM Aspera Shares 1.9.2 and earlier
Question Security Bulletin: Vulnerability with the open source Perl Compatible Regular Expression PCRE library used in IBM Aspera Shares 1.9.2 and earlier "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM...
Security Bulletin: MySQL 0-day exploit (CVE-2016-6662)
Question Security Bulletin: MySQL 0-day exploit CVE-2016-6662 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...
DEBIAN-CVE-2026-55204
HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl.c that fails to validate the return value of hpackdhtdefrag when the memory pool is exhausted. An attacker can trigger HPACK dynamic table insertions under memo...
DEBIAN-CVE-2026-55203
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...