CVE-2025-48636

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Wear OS 安全漏洞

Google Wear OS is an operating system developed by Google Inc., specifically designed for smart watches, smart bracelets, and other wearable devices. There is a security vulnerability in Google Wear OS, which stems from an error in the openFile function in BugReportContentProvider.java that allow...

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-boynux-squidexporter: Update to version 1.13.0 jscPED-14971 Add support for squid-internal-mgr path for metrics. Update to version 1.12.0 Add...

SUSE-SU-2026:0628-1 Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-boynux-squidexporter: - Update to version 1.13.0 jscPED-14971 - Add support for squid-internal-mgr path for metrics. - Update to version...

CVE-2026-2044

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

VulnCheck KEV: CVE-2024-6250

An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the openfile endpoint of lollmsadvanced.py. The sanitizepath function with allowabsolutepath=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can...

SUSE CVE-2026-23205

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

CVE-2026-23205

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

CVE-2026-23205 smb/client: fix memory leak in smb2_open_file()

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

CVE-2026-23205

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

CVE-2026-23205

The CVE-2026-23205 entry describes a memory leak in the Linux kernel SMB/CIFS client (smb2_open_file()). The provided reproducer shows a scenario with a read-only CIFS export, client mount, and module removal that triggers a leak during cleanup of SMB request buffers, leading to a kmem_cache leak...

CVE-2026-23205 smb/client: fix memory leak in smb2_open_file()

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

Linux Distros Unpatched Vulnerability : CVE-2026-23205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client...

CVE-2026-21322

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...

CVE-2020-37140 Everest 5.50.2100 - 'Open File' Denial of Service

Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigge...

CVE-2020-37140

CVE-2020-37140 affects Everest/AIDA64 (version 5.50.2100). The vulnerability is a denial of service in the file-open dialog: a crafted 450-byte buffer of repeated characters pasted into the dialog crashes the application. Exploitation is local and requires user interaction; the attacker must inte...

CVE-2020-37140 Everest 5.50.2100 - 'Open File' Denial of Service

Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigge...

EUVD-2026-4895

Stored Cross-Site Scripting XSS vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload, which will be executed in the user's context when they download and open the file via the link...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001383 advisory. In configfsopenfile of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System...

CVE-2023-25006

A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution...