6424 matches found
📄 Google Chrome CSSFontFeatureValuesMap Use-After-Free
Google Chrome versions prior to 145.0.7632.75 CSSFontFeatureValuesMap use-after-free proof of concept exploit. When an iterator is created over a CSSFontFeatureValuesMap object and the underlying HashMap is mutated during iteration, a rehash operation occurs, freeing the original memory while the...
CVE-2025-68002
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...
SUSE CVE-2026-2044
GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
CVE-2025-68002
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...
CVE-2025-68002
CVE-2025-68002 affects WordPress plugin Open User Map (<= 1.4.16). The issue is path traversal allowing arbitrary file download. Wordfence reports this as an active vulnerability with patched status; PatchStack notes the vulnerability as Open User Map
CVE-2025-68002 WordPress Open User Map plugin <= 1.4.16 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...
PT-2026-21068
Name of the Vulnerable Software and Affected Versions 100plugins Open User Map versions through 1.4.16 Description The software contains a flaw related to improper limitation of a pathname to a restricted directory, also known as Path Traversal. This allows unauthorized access to files and...
WordPress plugin Open User Map 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-26201
emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...
CVE-2026-26201 emp3r0r Affected by Concurrent Map Access DoS (panic/crash)
emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...
CVE-2026-26201 emp3r0r Affected by Concurrent Map Access DoS (panic/crash)
emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...
CVE-2026-26201
CVE-2026-26201 concerns emp3r0r, a Linux C2, with a race condition in multiple shared maps accessed across goroutines before version 3.21.2. Under concurrent activity, the Go runtime can trigger fatal error: concurrent map read and map write, causing the C2 process to crash (availability loss). T...
CVE-2026-26201 emp3r0r Affected by Concurrent Map Access DoS (panic/crash)
emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...
CVE-2026-25323
CVE-2026-25323 affects WordPress OSM plugin versions
WordPress plugin OSM 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-0665 Qemu-kvm: heap off-by-one in kvm xen physdevop_map_pirq
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...
CVE-2025-71228
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-71228
...
CVE-2025-71228
In the Linux kernel for LoongArch (32-bit), CVE-2025-71228 arises from an incorrect protection_map for VM_NONE/VM_SHARED. _PAGE_PROTNONE is treated as 0 on 32-bit, causing a Virtual Memory area to be VM_NONE or VM_SHARED and result in non-present pages, leading to a kernel Oops. The fix replaces ...
CVE-2025-71228
Removed by vendor...