Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to insufficient bounds checking in the objdirective function. An attacker can cause heap memory corruption, application crash, or execute arbitrary code by submitting a specially crafted .asm file...

CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

UBUNTU-CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

Arbitrary Code Injection

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Arbitrary Code Injection in the /guardrails/testcustomcode endpoint through bytecode rewriting. An attacker can execute arbitrary code by sending specially crafted requests...

CVE-2026-6067

The CVE-2026-6067 entry concerns the Netwide Assembler (NASM). A heap buffer overflow is caused by insufficient bounds checking in the obj_directive() function. An attacker could exploit this by assembling a malicious .asm file, leading to heap memory corruption, crash (DoS), or arbitrary code ex...

CVE-2026-6067 CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

CVE-2026-6067 CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the logback-core library

Summary Due to use of the logback-core library, DevOps Test Performance and Rational Performance Tester contain a potential Arbitrary Code Execution ACE vulnerability. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core ...

CVE-2026-30479

A flaw was found in MapServer. This Dynamic-link Library DLL Injection vulnerability allows attackers to execute arbitrary code. The flaw can be exploited by providing a specially crafted executable, potentially leading to unauthorized control over the affected system...

CVE-2026-28704

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2026-28704

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2026-28704

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2026-28704

EmoCheck is affected by a DLL search/loading flaw: it insecurely loads Dynamic Link Libraries (DLLs). A crafted DLL placed in the same directory can lead to arbitrary code execution under the invoking user’s privileges. Documents do not specify the vulnerable component version, exact file or DLL ...

EmoCheck loads Dynamic Link Libraries insecurely

Overview EmoCheck is a tool for detecting infections by "Emotet" malware, provided by Japan Computer Emergency Response Team Coordination Center JPCERT/CC. EmoCheck loads Dynamic Link Libraries insecurely. Uncontrolled search path element CWE-427 - CVE-2026-28704 ryo shimada of Powder Keg...

PT-2026-31995

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.128 Description PraisonAI's AST-based Python sandbox can be bypassed using the type. getattribute trampoline, leading to arbitrary code execution when running untrusted agent code. The execute code direct functi...

Altenar Sportsbook Software Platform SB2 安全漏洞

The Altenar Sportsbook Software Platform SB2 is a betting platform and odds management system developed by the Malta-based company Altenar, aimed at the sports betting industry. Version 2.0 of the Altenar Sportsbook Software Platform SB2 contains a security vulnerability. This vulnerability stems...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained security vulnerabilities. These vulnerabilities stemmed from the Python sandbox based on AST, which could be exploited through type.getattribute, potentially...

PT-2026-31881

Name of the Vulnerable Software and Affected Versions Emocheck affected versions not specified Description Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed in the same directory, arbitrary code may be executed with the privilege of the user invoking EmoCheck...

Google Chrome ANGLE heap buffer overflow vulnerability (CNVD-2026-16862)

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the ANGLE heap to properly validate the length size of input data, which can be exploited by an...