40978 matches found
PT-2026-42876
A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is...
PT-2026-42880
A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be use...
PT-2026-42885
A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-46727
An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that...
Linux Distros Unpatched Vulnerability : CVE-2026-8695
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 6.1.5 contains a use-after-free vulnerability in the gdbrthreadslist function that allows remote attackers to trigger memory corruption by sending a val...
Microsoft Copilot Tampering Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-6474
A flaw was found in PostgreSQL. This vulnerability, an externally-controlled format string in the timeofday function, allows a remote attacker to craft specific timezone zones. Successful exploitation can lead to the retrieval of sensitive portions of server memory, potentially disclosing...
EUVD-2026-31245
A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...
Netatalk SQL注入漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk have a SQL injection vulnerability. This vulnerability stems from the MySQL CNID backend’s SQL...
Astra Linux - уязвимость в chromium
Before version 114.0.5735.90, read and write access in ANGLE using Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Memory access out of bounds in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in the WebUI of Google Chrome prior to version 124.0.6367.60 allowed a remote attacker to bypass the content security policy through a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
A heap buffer overflow in ANGLE in Google Chrome prior to version 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Using “after free” in WebRTC in Google Chrome before version 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of “after free” in PDFs in Google Chrome before version 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: High...
Astra Linux - уязвимость в chromium
A heap buffer overflow in the Metrics component of Google Chrome prior to version 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
The use of after-free in the Network mechanism in Google Chrome before version 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption through a malicious file. Chromium security severity: High...
Astra Linux - уязвимость в chromium
In accessibility settings within Google Chrome, before version 112.0.5615.49, it was possible for a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...