1249 matches found
CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK
Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...
CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK
Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...
X-TRACK security vulnerabilities
X-TRACK is a GPS cycling speedometer developed by VIFEX personal developers, which supports offline maps and track recording. X-TRACK versions 2.7 and earlier had security vulnerabilities, stemming from buffer copying operations in the inflate.C program file, which allowed out-of-bounds writes an...
MiracleLinux 9 : webkit2gtk3-2.40.5-1.el9 (AXSA:2023-6828:17)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6828:17 advisory. webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to...
CVE-2020-36926
SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with their unique...
CVE-2025-12957 All-in-One Video Gallery <= 4.5.7 - Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.5.7. This is due to insufficient file type validation detecting VTT files, allowing double extension files to bypass sanitization while being accepted as a valid VTT...
OSV-2026-57 Heap-buffer-overflow in mkv::matroska_segment_c::TrackInit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475261418 Crash type: Heap-buffer-overflow READ 1 Crash state: mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::ParseTrackEntry...
kernel: mm: slub: avoid wake up kswapd in set_track_prepare
A deadlock lock recursion vulnerability exists in the linux kernel such that when CONFIGDEBUGOBJECTSTIMERS is set, may wake up kswapd in settrackprepare, and try to hold the percpuhrtimerbases lock...
CVE-2023-49188
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 2.0...
CVE-2025-23536
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 Track Page Scroll track-page-scroll allows Reflected XSS.This issue affects Track Page Scroll: from n/a through = 1.0.2...
CVE-2022-35865
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of...
GHSA-P75G-CXFJ-7WRX vulnerabilities
Vulnerabilities for packages: dependency-track...
CVE-2025-1686 vulnerabilities
Vulnerabilities for packages: dependency-track...
GHSA-M6VM-37G8-GQVH vulnerabilities
Vulnerabilities for packages: dependency-track...
CVE-2023-22102 vulnerabilities
Vulnerabilities for packages: dependency-track...
GHSA-P75G-CXFJ-7WRX vulnerabilities
Vulnerabilities for packages: dependency-track...
GHSA-M6VM-37G8-GQVH vulnerabilities
Vulnerabilities for packages: dependency-track...
CVE-2025-1686 vulnerabilities
Vulnerabilities for packages: dependency-track...
CVE-2023-22102 vulnerabilities
Vulnerabilities for packages: dependency-track...
Hacktivists claim near-total Spotify music scrape
Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform into a roughly 300 TB pirate “preservation archive.” On its blog, the group states: “A while ago, we discovered a way to scrape...