582 matches found
NewStart CGSL MAIN 6.06 (SP) : ncurses Multiple Vulnerabilities (NS-SA-2026-0020)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has ncurses packages installed that are affected by multiple vulnerabilities: - In ncurses 6.0, there is a format string vulnerability in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005728)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005728 advisory. In the Linux kernel, the following vulnerability has been resolved: recordmcount: Fix memory leaks in the uwrite function Common realloc mistake: 'fileappend' nulled...
CVE-2026-3463
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005423)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005423 advisory. In the Linux kernel, the following vulnerability has been resolved: recordmcount: Fix memory leaks in the uwrite function Common realloc mistake: 'fileappend' nulled...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the xlnt::detail::binarywriter::append function in the Compound Document Parser process. An attacker can cause a heap-based buffer overflow by providing specially crafted input to this function during loca...
CVE-2026-3463
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...
CVE-2026-3463
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...
CVE-2026-3463
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...
PT-2026-22730
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...
xlnt 安全漏洞
xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contain security vulnerabilities. These vulnerabilities stem from a buffer overflow vulnerability in the function xlnt::detail::binarywriter::append located in the...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
CVE-2026-25628
Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled ondisk.logfile path. Minimal privileges are required read-only access. This vulnerability is fixed in 1.16.0...
CVE-2026-25628
Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled ondisk.logfile path. Minimal privileges are required read-only access. This vulnerability is fixed in 1.16.0...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
CLEANSTART-2026-MB75553 vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record
Multiple security vulnerabilities affect the playwright-python package. A vulnerability was found in Avahi, where a reachable assertion exists in avahidnspacketappendrecord. See references for individual vulnerability details...
OESA-2026-1265 glibc security update
The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...