3315 matches found
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
CVE-2025-67862
Technical details for CVE-2025-67862 are not publicly available in the provided documents. Monitor for updates.
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
PT-2026-47805
Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.2 FortiOS versions 7.4.0 through 7.4.7 FortiOS versions 7.2.0 through 7.2.10 FortiOS versions 7.0.0 through 7.0.16 FortiOS versions 6.4 all versions FortiProxy versions 7.6.0 through 7.6.3 FortiProxy versions...
Fortinet Fortigate Restricted CLI escape using Lua (FG-IR-26-143)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-143 advisory. - An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS...
Fortinet FortiOS和Fortinet FortiProxy 安全漏洞
Fortinet FortiOS and Fortinet FortiProxy are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus...
CVE-2026-11487
A flaw was found in Neovim. A local user could exploit this vulnerability by manipulating the argument path in the M.read function within the runtime/lua/vim/secure.lua file. This can lead to command injection, allowing the attacker to execute arbitrary commands on the local system...
CVE-2026-11487
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487 Neovim View Branch secure.lua M.read command injection
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
EUVD-2026-35018
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487 Neovim View Branch secure.lua M.read command injection
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
CVE-2026-11487
CVE-2026-11487 affects Neovim up to 0.12.2. The vulnerability resides in the M.read function of runtime/lua/vim/secure.lua (View Branch). Manipulation of the argument path can lead to local command injection. An exploit has been published and may be used locally. A patch identified by f83e0dcaf8c...
PT-2026-47249
A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...
Linux Distros Unpatched Vulnerability : CVE-2026-11487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch...
CVE-2026-41873
UNSUPPORTED WHEN ASSIGNED Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation under development under t...
CVE-2026-43981
Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, in engine/luahandler.go, the sync.RWMutex protecting LoadCommonFunctions is released before L.Push and L.PCall execute. Since gopher-lua's LState is explicitly not goroutine-safe, concurrent requests race on the shared state...
CVE-2026-45721
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured server root — looking for a file named handler.lua to execute a...
CVE-2026-45728
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...