6 matches found
CVE-2026-33335
CVE-2026-33335 affects Vikunja Desktop (Electron wrapper). From version 0.21.0 up to before 2.2.0, the wrapper forwards URLs from window.open() directly to shell.openExternal() without validation or protocol allowlisting. This enables an attacker who can inject a link that triggers window.open (e...
CVE-2025-47373
Memory Corruption when accessing buffers with invalid length during TA invocation...
EUVD-2025-208183
Memory Corruption when accessing buffers with invalid length during TA invocation...
CVE-2025-47373
Memory Corruption when accessing buffers with invalid length during TA invocation...
CVE-2025-47373
CVE-2025-47373 describes a memory corruption / out-of-bounds condition when accessing buffers with invalid length during a Trust Authority (TA) invocation in an automotive context. The CVSSv3.1 base score is 7.8 (High) with LOCAL attack vector, LOW privileges required, no user interaction, and fu...
PT-2026-22639
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A memory corruption issue exists when accessing buffers with an invalid length during a Trusted Application TA invocation. This can lead to unpredictable behavior or potential compromise of the syste...