27011 matches found
CVE-2026-20446
In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09963054; Issue ID:...
CVE-2026-20446
CVE-2026-20446 affects MediaTek chipsets’ secure boot implementation, with an out-of-bounds write caused by integer overflow that can lead to local denial of service when an attacker has physical access and user privileges. Exploitation requires no user interaction. A patch is available (ALPS0996...
PT-2026-30930
OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inconsistent parameter handling in permission enforcement, allowing attackers who can influence agent tool execution to read arbitrary local files outside the intended repository...
PT-2026-30994
An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...
PT-2026-30996
The Semtech LR11xx LoRa transceivers implement secure boot functionality using digital signatures to authenticate firmware. However, the implementation uses a non-standard cryptographic hashing algorithm that is vulnerable to second preimage attacks. An attacker with physical access to the device...
PT-2026-30791
Name of the Vulnerable Software and Affected Versions Versions prior to patch ALPS09963054 Description An out-of-bounds write issue exists in secure boot due to an integer overflow. This could result in a local denial of service if an attacker has physical access to the device and user execution...
Semtech LR11xx LoRa 安全漏洞
Semtech LR11xx LoRa is a series of low-power wireless communication chips developed by the American company Semtech. The Semtech LR11xx LoRa device has a security vulnerability, which stems from the use of non-standard encryption hash algorithms that are vulnerable to secondary image attacks. Thi...
Linux Distros Unpatched Vulnerability : CVE-2026-4631
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An...
CVE-2026-35452
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...
CVE-2026-35452
WWBN AVideo (versions 26.0 and prior) is affected by CVE-2026-35452 due to unauthenticated access to CloneSite/plugin/CloneSite/client.log.php, which serves clone operation logs containing internal filesystem paths, remote server URLs, and SSH metadata. The vulnerability arises because this endpo...
CVE-2026-35452
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...
EUVD-2026-19313
Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...
Malicious code in nerite-security-audit (npm)
Collects and exfiltrates sensitive data env vars, SSH keys, keystores, history via HTTPS and DNS. Suspicious domain and disabled SSL validation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87776a4e480d244c862e76238cd498aa49bd919403dad6de21a85326d6b451ed The...
vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...
vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...
vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...
CLEANSTART-2026-DM62512 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.35.0-r0
Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...
GuvenliWebYazilimiGelistirme-CipherNone-
🛡️ CipherNone: JWT "alg: none" Vulnerability & Hardening Lab...
SecPI: Secure Code Generation with Reasoning Models Via Security Reasoning Internalization
Reasoning language models RLMs are increasingly used in programming. Yet, even state-of-the-art RLMs frequently introduce critical security vulnerabilities in generated code. Prior training-based approaches for secure code generation face a critical limitation that prevents their direct applicati...
PT-2026-30336
Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...