40964 matches found
PT-2026-42880
A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be use...
PT-2026-42885
A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...
PT-2026-42870
A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The...
Linux Distros Unpatched Vulnerability : CVE-2026-8695
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 6.1.5 contains a use-after-free vulnerability in the gdbrthreadslist function that allows remote attackers to trigger memory corruption by sending a val...
CVE-2026-46727
An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that...
Microsoft Copilot Tampering Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-6474
A flaw was found in PostgreSQL. This vulnerability, an externally-controlled format string in the timeofday function, allows a remote attacker to craft specific timezone zones. Successful exploitation can lead to the retrieval of sensitive portions of server memory, potentially disclosing...
EUVD-2026-31245
A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...
Netatalk SQL注入漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk have a SQL injection vulnerability. This vulnerability stems from the MySQL CNID backend’s SQL...
Astra Linux - уязвимость в chromium
In accessibility settings within Google Chrome, before version 112.0.5615.49, it was possible for a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Before version 97.0.4692.71, using Free after PDF accessibility in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
The use of after-free in Cast in Google Chrome before version 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
A heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
The use of “after free” in PDFs in Google Chrome before version 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of after-free in WebRTC in Google Chrome before version 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Using “after free” in the Browser History of Google Chrome before version 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chrome security severity: High...
Astra Linux - уязвимость в gpac
A vulnerability was discovered in GPAC version 2.4. It has been rated as problematic. The affected function is gfdashdownloadinitsegment in the file src/mediatools/dashclient.c. Manipulating the baseiniturl argument leads to a null pointer dereference. This attack can be launched remotely. The...
Astra Linux - уязвимость в chromium
Before version 94.0.4606.54, using the "after free" mechanism in the File System API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
A heap buffer overflow in WebAudio in Google Chrome prior to version 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in the WebUI of Google Chrome prior to version 124.0.6367.60 allowed a remote attacker to bypass the content security policy through a crafted HTML page. Chromium security severity: Low...