CVE-2026-22165

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

PT-2026-36497

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A web page containing unusual WebGPU content loaded into the GPU GLES render process can trigger a write Use-After-Free UAF crash in the GPU GLES user-space shar...

CVE-2026-40342

A flaw was found in Firebird, an open-source relational database management system. An authenticated user with CREATE FUNCTION privileges can exploit a path traversal vulnerability in the external engine plugin loader. This allows an attacker to use a crafted engine name to load an arbitrary shar...

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

@agent-analytics/paperclip-live-analytics-plugin (>=0.1.1 <=0.1.11), @clawjedi/paperclip-plugin-chat (>=1.0.0 <=1.0.4) +16 more potentially affected by unknown CVE via @paperclipai/shared (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/shared NPM version =2026.318.0-canary.0, =0.1.1, =1.0.0, =0.0.1, =0.3.3, =0.1.0, =0.1.9, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.407.0-canary.5, =2026.3.17-canary.0, =2026.3.17-canary.2, =0.1.0, =2026.324.0-canary.0, =2026.325.0-canary.3 - corporateai =2026.328.0-canary.0 -...

@agent-analytics/paperclip-live-analytics-plugin (>=0.1.1 <=0.1.11), @clawjedi/paperclip-plugin-chat (>=1.0.0 <=1.0.4) +20 more potentially affected by unknown CVE via @paperclipai/shared (>=0.2.2 <=2026.416.0-canary.1)

@paperclipai/shared NPM version =0.2.2, =0.1.1, =1.0.0, =0.0.1, =0.3.1, =0.1.45, =0.1.0, =0.1.9, =2026.3.17-canary.0, =0.2.2, =0.1.0, =2026.3.17-canary.0, =0.2.2, =0.1.0, =2026.324.0-canary.0, =2026.325.0-canary.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-3PW3-V88X-XJ24...

[SECURITY] Fedora 44 Update: libpasraw-1.3.0-22.fc44

Provides shared library to interface Pascal program with libraw...

CVE-2026-40031 MemProcFS < 5.17 DLL/Shared Library Hijacking

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

HDF5 Plugin 2.17.0 Path Audit

This script demonstrates a controlled security audit scenario targeting the HDF5 dynamic plugin loading mechanism. It compiles a shared C library that mimics a legitimate HDF5 filter plugin by implementing the required H5Zclass2t structure and registration functions H5PLgetplugintype,...

CVE-2021-28249

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is ru...

CVE-2025-8404

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer via a crafted header and achieve arbitrary code execution of the BMC’s firmware operating system...

EUVD-2025-197953

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer via a crafted header and achieve arbitrary code execution of the BMC’s firmware operating system...

CVE-2025-8404

CVE-2025-8404 describes a stack buffer overflow in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can trigger a crafted header to overflow a stack and achieve arbitrary code execution on the BMC firmware OS. The issue is assessed with CVSS 3.1: Network attack ...

CVE-2025-8404 Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer via a crafted header and achieve arbitrary code execution of the BMC’s firmware operating system...

CVE-2025-8404 Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC exploit stack buffer via a crafted header and achieve arbitrary code execution of the BMC’s firmware operating system...

PT-2025-47249

Name of the Vulnerable Software and Affected Versions Supermicro BMC versions affected versions not specified Description A stack buffer overflow exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit a stack buffer via a crafted header,...

Supermicro BMC 安全漏洞

The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the Supermicro BMC Shared library that originates from a stack buffer overflow and could lead to arbitrary code execution...

MAL-2025-49096 Malicious code in example-icrc35-shared-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e7e6839f13b54dc75f2b851ec1c1e78a9bbf4591f438a2053c99658e5f60189 The package example-icrc35-shared-library was found to contain malicious code. Source: ossf-package-analysis...