30559 matches found
CVE-2026-30277
An arbitrary file overwrite vulnerability in PDF Reader App : TA/UTAX Mobile Print v3.7.2.251001 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
NLTK 3.9.2 Arbitrary File Read / Path Traversal
NLTK versions 3.9.2 and below suffer from an arbitrary file read issue due to a path traversal vulnerability. CVE-2026-0847 — NLTK Multiple CorpusReader Classes: Arbitrary File Read via Path Traversal. Overview: CVE ID: CVE-2026-0847. Package: nltk Natural...
Foxit Reader List Box Calculate Array Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2026-2365: Foxit Reader List Box Calculate Array Use-After-Free Vulnerability. March 31, 2026. CVE Number: CVE-2026-3779. Summary: A use-after-free vulnerability exists in the way Foxit Reader handles an Array object. A specially crafted JavaScript code inside a malicio...
UBUNTU-CVE-2025-66037
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields allocates a zero-length buffer...
Linux Distros Unpatched Vulnerability : CVE-2016-20043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument ...
com.linkedin.transport:transportable-udfs-test-trino (>=0.1.19 <=0.1.22), com.linkedin.transport:transportable-udfs-trino-plugin (>=0.1.19 <=0.1.22) +8 more potentially affected by CVE-2026-34214 via io.trino:trino-main (>=439 <=479)
io.trino:trino-main MAVEN version =439, =0.1.19, =0.1.19, =464, =439, =472, =439, =439, =439, =439, =464, =472 Source cves: CVE-2026-34214 Source advisory: SNYK:JAVA-IOTRINO-15857194...
[SECURITY] Fedora 42 Update: rust-tar-0.4.45-1.fc42
A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...
[SECURITY] Fedora 42 Update: rust-astral-tokio-tar-0.6.0-1.fc42
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
EUVD-2016-10841
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
CVE-2016-20043
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
CVE-2016-20043
NRSS RSS Reader 0.3.9-1 is affected by a local stack buffer overflow. An attacker can pass an oversized argument to the -F parameter, crafting input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and execute arbitrary code. This is a local vulnerabili...
CVE-2016-20043 NRSS RSS Reader 0.3.9-1 Stack Buffer Overflow
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
Denial Of Service
Netty is vulnerable to Denial of Service. The vulnerability is due to the lack of a limit on the number of CONTINUATION frames in Netty's DefaultHttp2FrameReader, where an attacker can send a flood of CONTINUATION frames with zero-byte payloads, bypassing existing size-based mitigations and causi...
[SECURITY] Fedora 43 Update: rust-astral-tokio-tar-0.6.0-1.fc43
A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...
[SECURITY] Fedora 43 Update: rust-tar-0.4.45-1.fc43
A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...
SUSE CVE-2026-32750
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their...
SUSE CVE-2026-32767
SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...
[SECURITY] Fedora 44 Update: rust-reqsign-file-read-tokio-3.0.0-1.fc44
Tokio-based file reader implementation for reqsign...