1007 matches found
PT-2026-37318
Name of the Vulnerable Software and Affected Versions vLLM versions 0.6.1 through 0.19.x Description A Token Injection issue exists in the multimodal processing of vLLM. Unauthenticated, text-only prompts containing special tokens are interpreted as control commands. When image and video...
Pillow has an integer overflow when processing fonts
If a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This has been fixed...
GHSA-WJX4-4JCJ-G98J Pillow has an integer overflow when processing fonts
If a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This has been fixed...
PT-2026-37197
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.2.0 Description An integer overflow can occur when the library tracks the current position if a font advances for each glyph by an excessively large amount. Recommendations Update to version 12.2.0...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011167)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011167 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's...
CVE-2026-6643
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
CVE-2025-45057
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45057
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-35544
A flaw was found in Roundcube Webmail. Insufficient sanitization of Cascading Style Sheets CSS in HTML email messages allows a remote attacker to bypass fixed-position mitigations. This can lead to a bypass of security controls designed to prevent certain types of attacks...
EUVD-2026-18591
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
GHSA-XPQH-GRPW-4XMG Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
UBUNTU-CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-35544
CVE-2026-35544 affects Roundcube Webmail before 1.5.14 and 1.6.14. The issue is insufficient CSS sanitization in HTML emails, which may allow a fixed-position mitigation bypass via the use of !important. CVSS v3.1 base score 5.3 (Network, Low complexity, No privileges, No user interaction). The d...
CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...
CVE-2026-35544
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important...