296 matches found
CVE-2026-46959
Technical details (affected product, vulnerable component, exploit information, or remediation) are not publicly available in the provided documents. Monitor for updates.
ImageMagick 输入验证错误漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 6.9.13-48 and 7.1.2-24 contained a vulnerability related to input validation errors. This vulnerability...
frr: denial of service via crafted BGP UPDATE message
A flaw was found in FRRouting FRR. An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP Border Gateway Protocol UPDATE message. This issue can lead to a Denial of Service DoS...
PT-2026-45880
Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.6 Description An issue exists where a technician can store a Cross-Site Scripting XSS payload within ITIL costs. XSS is a type of security flaw that allows an attacker to inject malicious scripts into web page...
CVE-2026-37711
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-al...
UBUNTU-CVE-2026-46640
Unknown description...
SUSE CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
Astra Linux – Vulnerability in tar
In GNU tar before version 1.35, mishandling of extension attributes in a PAX archive can cause the application to crash in xheader.c...
CVE-2026-35240
CVE-2026-35240 describes a vulnerability in Oracle MySQL Server (component: Server: Optimizer) affecting 8.0.0–8.0.45, 8.4.0–8.4.8, and 9.0.0–9.6.0. The flaw allows a highly privileged attacker who can access the server over multiple network protocols to cause a hang or a repeatedly crashing stat...
CVE-2026-34292
...
CVE-2026-21998
...
CVE-2021-47960
A flaw was found in Synology SSL VPN Client. This vulnerability allows remote attackers to access sensitive files within the installation directory. By leveraging user interaction with a specially crafted web page, attackers can exploit a local HTTP server bound to the loopback interface to...
CVE-2026-3994
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...
CVE-2026-4515 Foundation Agents MetaGPT operator.py code_generate code injection
A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...
WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.10...
CVE-2025-14456
IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1...
CVE-2026-21986
CVE-2026-21986 (Oracle VM VirtualBox) affects the Core component in Oracle VM VirtualBox, with affected releases 7.1.14 and 7.2.4. The issue can be exploited by a user who has logon to the infrastructure where VirtualBox runs, yielding an unauthenticated-like access path via a local attack vector...
CVE-2026-21966
...
CVE-2026-21938
...
CVE-2025-15032
Dia for macOS before 1.9.0 is vulnerable to spoofing of the window title due to a missing about:blank indicator in custom-sized new windows. The root cause is the absence of a visual cue (about:blank indicator) that can mislead users about the current site. Affected product: Dia (macOS). Impact: ...