Lucene search
K

1249 matches found

OSV
OSV
added 2026/01/27 8:59 a.m.4 views

CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...

10CVSS5.9AI score0.00346EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/27 8:59 a.m.35 views

CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...

10CVSS0.00346EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.8 views

X-TRACK security vulnerabilities

X-TRACK is a GPS cycling speedometer developed by VIFEX personal developers, which supports offline maps and track recording. X-TRACK versions 2.7 and earlier had security vulnerabilities, stemming from buffer copying operations in the inflate.C program file, which allowed out-of-bounds writes an...

10CVSS5.9AI score0.00346EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : webkit2gtk3-2.40.5-1.el9 (AXSA:2023-6828:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6828:17 advisory. webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to...

9.8CVSS8.8AI score0.01521EPSS
Exploits0References19
RedhatCVE
RedhatCVE
added 2026/01/16 11:31 p.m.6 views

CVE-2020-36926

SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with their unique...

7.5CVSS6.3AI score0.00489EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/16 4:44 a.m.29 views

CVE-2025-12957 All-in-One Video Gallery <= 4.5.7 - Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.5.7. This is due to insufficient file type validation detecting VTT files, allowing double extension files to bypass sanitization while being accepted as a valid VTT...

8.8CVSS0.00598EPSS
Exploits0References2
OSV
OSV
added 2026/01/15 12:19 a.m.9 views

OSV-2026-57 Heap-buffer-overflow in mkv::matroska_segment_c::TrackInit

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=475261418 Crash type: Heap-buffer-overflow READ 1 Crash state: mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::ParseTrackEntry...

5.8AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/12 9:30 a.m.2 views

kernel: mm: slub: avoid wake up kswapd in set_track_prepare

A deadlock lock recursion vulnerability exists in the linux kernel such that when CONFIGDEBUGOBJECTSTIMERS is set, may wake up kswapd in settrackprepare, and try to hold the percpuhrtimerbases lock...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.4 views

CVE-2023-49188

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 2.0...

5.9CVSS6AI score0.00386EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.5 views

CVE-2025-23536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mndpsingh287 Track Page Scroll track-page-scroll allows Reflected XSS.This issue affects Track Page Scroll: from n/a through = 1.0.2...

7.1CVSS7.2AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:39 a.m.7 views

CVE-2022-35865

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of...

9.8CVSS7.5AI score0.01503EPSS
Exploits0References1
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.3 views

GHSA-P75G-CXFJ-7WRX vulnerabilities

Vulnerabilities for packages: dependency-track...

7AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.6 views

CVE-2025-1686 vulnerabilities

Vulnerabilities for packages: dependency-track...

6.8CVSS7AI score0.00782EPSS
Exploits1
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.2 views

GHSA-M6VM-37G8-GQVH vulnerabilities

Vulnerabilities for packages: dependency-track...

7AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.5 views

CVE-2023-22102 vulnerabilities

Vulnerabilities for packages: dependency-track...

8.3CVSS9.6AI score0.00872EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.3 views

GHSA-P75G-CXFJ-7WRX vulnerabilities

Vulnerabilities for packages: dependency-track...

7AI score
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.2 views

GHSA-M6VM-37G8-GQVH vulnerabilities

Vulnerabilities for packages: dependency-track...

7AI score
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.5 views

CVE-2025-1686 vulnerabilities

Vulnerabilities for packages: dependency-track...

6.8CVSS7AI score0.00782EPSS
Exploits1
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.7 views

CVE-2023-22102 vulnerabilities

Vulnerabilities for packages: dependency-track...

8.3CVSS7AI score0.00872EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/23 12:28 p.m.8 views

Hacktivists claim near-total Spotify music scrape

Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform into a roughly 300 TB pirate “preservation archive.” On its blog, the group states: “A while ago, we discovered a way to scrape...

7.2AI score
Exploits0
Rows per page
Query Builder