205940 matches found
MAL-2026-2410 Malicious code in @the-coca-cola-company/ngps-global-common-utils (npm)
Malicious post-install script combined with low project popularity indicates potential malware. Arbitrary code execution is a major concern. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ebe31c5bb51c354ed83627a02c11ca4c8541e042623b1b987255941ffafdaff The...
CVE-2025-41660
The CVE-2025-41660 entry concerns CODESYS Control runtime system. According to sources, a low-privileged remote attacker may replace the boot application, enabling unauthorized code execution on the target. This is characterized as a network-accessible issue with low attack complexity and privile...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of arithmetic operations in the expat module. An attacker can cause unexpected behavior or potentially execute arbitrary code by providing specially crafted input that triggers an...
CVE-2026-4745 Arbitrary Code Execution via Crafted Bytecode in dendibakh/perf-ninja
Improper Control of Generation of Code 'Code Injection' vulnerability in dendibakh perf-ninja labs/misc/pgo/lua modules. This vulnerability is associated with program files ldo.C. This issue affects perf-ninja...
CVE-2026-4745
CVE-2026-4745 is an Arbitrary Code Execution in dendibakh perf-ninja (labs/misc/pgo/lua modules) linked to the vulnerable program file ldo.C. The issue arises from improper generation of code (Code Injection) in perf-ninja, affecting the Lua-related components. The CVSS 4.0 base score is 10.0 (CR...
CVE-2026-4745 Arbitrary Code Execution via Crafted Bytecode in dendibakh/perf-ninja
Improper Control of Generation of Code 'Code Injection' vulnerability in dendibakh perf-ninja labs/misc/pgo/lua modules. This vulnerability is associated with program files ldo.C. This issue affects perf-ninja...
CVE-2026-4744 Notepad3 Bundled Oniguruma compile_string_node() Heap Buffer Overflow via Crafted Regex Pattern Allows Arbitrary Code Execution
Out-of-bounds Read vulnerability in rizonesoft Notepad3 scintilla/oniguruma/src modules. This vulnerability is associated with program files regcomp.C. This issue affects Notepad3: before 6.25.714.1...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...
FreeIPMI 安全漏洞
FreeIPMI is an open-source server remote management toolset provided by FreeIPMI, which offers features for managing and monitoring IPMI interfaces. Versions of FreeIPMI prior to 1.16.17 contained security vulnerabilities. These vulnerabilities stemmed from buffer overflows in the ipmi-oem client...
PT-2026-27361
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler SEH overflow. Attackers can craft a malicious text file with carefully aligned shellcode and SEH chain pointers,...
KLA90957 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevati...
Mozilla Firefox和Mozilla Thunderbird 资源管理错误漏洞
Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A resource management error vulnerability exists in Mozilla Firefox and Mozilla...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products, whic...
FlexHEX 代码问题漏洞
FlexHEX is an open-source hexadecimal data editor developed by FlexHEX. Version 2.71 of FlexHEX contains a code vulnerability caused by a local buffer overflow in the Stream Name field. This vulnerability could allow local attackers to execute arbitrary code by triggering the structured exception...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...
Mozilla多款产品 资源管理错误漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory misreference vulnerability exists in multiple Mozilla products, whi...
Security Vulnerabilities fixed in Thunderbird 140.9 — Mozilla
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking...
Security Vulnerabilities fixed in Firefox ESR 140.9 — Mozilla
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Memory safety bugs present in...
Security Vulnerabilities fixed in Firefox 149 — Mozilla
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Memory safety bugs present in...