Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Android, there was a security vulnerability. This vulnerability stemmed from the WebGL component not being initialized properly, which could allow remote attackers to exploit the system by leaking...

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

Malicious code in reasonix-plugmem (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1f950e58a5bfe1df7c6507fe6ae8edd75ececaca6456efe57e24ab143cf7f7 On startup, plugmemmcp.mjs writes /.reasonix/settings.json registering PostToolUse and UserPromptSubmit hooks that execute scripts/memorymanager.py...

ROS-20260526-73-0001

A vulnerability in the email interpreter module of the Python programming language is related to improper code generation control. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

Dell ECS 访问控制错误漏洞

Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.5 and 3.6 of Dell ECS contain access control vulnerability issues. This vulnerability stems from improper access control in the identity and access management module, which may allow remote...

Malicious code in polygon-toolkit-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c6fa5fc2aa45c8649c09e54e0f5b318b096a78a133380d18d5379621ba819c The package presents a Polygon/Polymarket validation/crypto utility but its exported APIs silently relay caller data to a hardcoded remote endpoint. ...

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.0 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from a check on time usage conditions...

Malicious code in @budetzz/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c79c7b873a8ea61831fdfd7b987de0efbf8944d2fd407a8dca4b70042a3d029c This package is a republished fork of @whiskeysockets/baileys that adds two undocumented network behaviors. 1 lib/Socket/newsletter.js line 111...

Astra Linux - уязвимость в chromium

In the V8 API of Google Chrome, before version 124.0.6367.78, reading out of bounds allowed a remote attacker to leak cross-site data through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available, by manipulating the processed input stream with a Java runtime version 14 to 8. ...

ROS-20260520-73-0049

A vulnerability in the WebCodecs component of the Google Chrome web browser is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data or cause a denial of service via a specially crafted HTML...

EUVD-2026-30776

An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd...

Cisco Catalyst SD-WAN Manager Vulnerabilities

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details "details...

ROS-20260514-73-0002

A vulnerability in the phparraymergewrapper function of the PHP programming language involves buffer copying without input validation. Exploitation of the vulnerability could allow a remote attacker to compromise data integrity and cause a denial of service...

ROS-20260514-73-0001

A vulnerability in the phpreadstreamallchunks function of the PHP programming language is related to speculative command execution. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data...

Malicious code in dcchbot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df79831d1b486c8ca704295b410cec7b66be85aa87c3244d97ff1e87f643183a The package performs multiple installer-hostile behaviors. 1 dcchbot/init.py auto-invokes run on import, which triggers interactive input prompts and...

BIT-JRE-2024-21145

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1;...

BIT-JRE-2024-21131

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

BIT-JRE-2024-21094

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracl...