CVE-2026-8295

The CVE-2026-8295 issue affects simdjson’s document-builder API, specifically the string_builder::escape_and_append() path. An integer overflow can occur when processing very large input strings on platforms with limited size_t width (e.g., 32-bit builds), causing insufficient buffer allocation a...

UBUNTU-CVE-2026-5655

SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service...

UBUNTU-CVE-2026-6532

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

UBUNTU-CVE-2026-6529

iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

EUVD-2026-26324

AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6528

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service...

CVE-2026-6526

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-5407

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6528

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service...

Fedora 43 : wireshark (2026-f7473d3da8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f7473d3da8 advisory. New version 4.6.4 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

OPENSUSE-SU-2026:10274-1 libwireshark19-4.6.4-1.1 on GA media

These are all security issues fixed in the libwireshark19-4.6.4-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-20732

Missing Authorization vulnerability in cookiebot Cookiebot cookiebot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cookiebot: from n/a through = 4.6.4...

GL.iNet AX1800 安全漏洞

The GL.iNet AX1800 is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet AX1800 version 4.6.4 and 4.6.8, which stems from a competing condition in the opkg wrapper script that could lead to elevated privileges...

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

CVE-2025-63016

Missing Authorization vulnerability in quadlayers QuadLayers TikTok Feed wp-tiktok-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QuadLayers TikTok Feed: from n/a through = 4.6.5...

EUVD-2021-34631

Malicious code in bioql PyPI...

warewulf4-4.6.4-1.1 on GA media (moderate)

warewulf4-4.6.4-1.1 on GA media Announcement ID: openSUSE-SU-2025:15537-1 Rating: moderate Cross-References: CVE-2025-58058 CVSS scores: CVE-2025-58058 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-58058 SUSE : 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N...

CVE-2024-29768

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4...

CVE-2024-29141

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PDF Embedder allows Stored XSS.This issue affects PDF Embedder: from n/a through 4.6.4...

XunRuiCMS 代码问题漏洞

XunRuiCMS XunRuiCMS is a content management system for individual developers of XunRuiCMS. A code issue vulnerability exists in XunRuiCMS version 4.6.4 and prior versions, which stems from a deserialization issue contained in the thumb parameter of /Control/Api/Api.php...