4928 matches found
Astra Linux – Vulnerability in cups
The vulnerability of the cupsSNMPStringToOID function in the CUPS printing server is related to the escape from the global buffer. Exploiting this vulnerability allows an attacker to access confidential data and also cause service failures...
Astra Linux – Vulnerability in libxml2
The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in coreutils
The vulnerability of the GNU Core Utilities basic utility package relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerabilities of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system allow attackers to induce service failures.
The vulnerability of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system is related to an uncontrolled recursion. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service interruptions...
PT-2026-42219
NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...
The vulnerability of the ngx_quic_module module in NGINX Plus and NGINX Open Source web servers allows a attacker to cause a service failure.
The vulnerability of the ngxquicmodule module in NGINX Plus and NGINX Open Source web servers relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2026-31243
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...
The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to access confidential data or cause a service failure
The vulnerability of the console-based graphic editor ImageMagick is related to the execution of operations beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to access confidential data or cause service interruptions...
The vulnerability of the h.265 Libde265 codec implementation allows a hacker to trigger a service failure.
The vulnerability of the h.265 Libde265 implementation lies in the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the MSLEndElement() function in the coders/msl.c component of the ImageMagick console graphics editor allows a hacker to cause a service failure.
The vulnerability of the MSLEndElement function in the ImageMagick console graphics editor’s coders/msl.c component is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2026-31243
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...
Intel QAT software drivers for Windows 代码问题漏洞
Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. There are code-related vulnerabilities in Intel QAT software drivers for Windows versions prior to 2.6.0. These vulnerabilities ste...
CVE-2026-31216
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/objectname:path endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send craft...
The vulnerability of the RxRPC module in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the RxRPC module in the Linux operating system’s kernel arises due to improper handling of fragmented packages and mechanisms for copying data into socket buffers. Exploiting this vulnerability allows an attacker to cause service failures...
Vim text editor’s `:find` function vulnerability, allowing a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the :find function in the text editor Vim is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service interruptions...
CVE-2026-31243
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...
CVE-2026-31243
The CVE-2026-31243 entry concerns the mem0 1.0.0 server, where the DELETE /memories endpoint lacks authentication/authorization controls. An unauthenticated attacker can trigger a memory reset that executes a CREATE TABLE SQL statement, potentially re-creating or altering schemas, causing data lo...
vLLM 输入验证错误漏洞
vLLM is an open-source inference and service engine designed for LLM models, featuring high throughput and efficient memory usage. Versions of vLLM prior to 0.6.1 to 0.20.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from token injection issues during...
EUVD-2026-29053
A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smfnsmfhandleupdatedatainvsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been released to...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017694)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017694 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...