53156 matches found
EUVD-2026-30536
Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids. Apache::Session::Generate::SHA256 generated session ids insecurely. The default session id generator returns a SHA-256 hash of the built-in rand function, the epoch time, and the PID, that is hashed...
CVE-2026-8503
CVE-2026-8503 affects Apache::Session::Generate::SHA256 in Perl (versions before 1.3.19). The default ID generator creates a SHA-256 hash of sources with low entropy (rand(), epoch, PID) and hashes that result again, making session IDs predictable. This predictable randomness can enable an attack...
CVE-2026-43490
A flaw was found in ksmbd, a Linux kernel module that provides an in-kernel Server Message Block SMB server. A remote attacker could exploit this vulnerability by providing a malformed inheritable Access Control Entry ACE within a security descriptor. This could lead to an out-of-bounds read or...
CVE-2026-8454
Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...
CVE-2026-8454
CVE-2026-8454 affects Imager::File::GIF (Perl) up to version 1.002. The root cause is a single per-row GifRow buffer sized to the GIF’s global SWidth being reused across multiple images, with a missing bounds check in the parallel skip-image path (DGifGetLine with Width) that can lead to a heap o...
nginx: NGINX: Arbitrary Code Execution Vulnerability
A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...
nginx: NGINX: Arbitrary Code Execution Vulnerability
A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...
CVE-2026-41969
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41971
Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41968
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-41962
Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
nginx: NGINX: Arbitrary Code Execution Vulnerability
A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...
Exploit for CVE-2026-42945
NGINX Rift RCE Proof of concept for CVE-2026-42945, a cri...
CVE-2026-41969
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
EUVD-2026-30531
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41969
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41969
Technical details about CVE-2026-41969 are not publicly available in the provided documents. Monitor for updates from official sources.
CVE-2026-41969
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41968
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...
EUVD-2026-30532
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...