CVE-2025-71260

BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a deserialization of untrusted data vulnerability in the ASP.NET servlet's VIEWSTATE handling that allows authenticated attackers to execute arbitrary code. Attackers can supply crafted serialized objects to the VIEWSTATE paramete...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2026-14686)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability, which originates from a misbehavior of the webpage parameter of the function formReboot in the file /goform/formReboot, that can be exploited by an attacker to execute arbitrary co...

KLA90947 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Original advisories CVE-2026-32194 CVE-2026-32191 Exploitation Public exploits exist for this vulnerability. Related products...

CVE-2026-30694

CVE-2026-30694 affects DedeCMS up to v5.7.118 (and earlier). The issue is a vulnerability in the array_filter component that could allow a remote attacker to execute arbitrary code. The CVE’s metrics indicate a high-impact, remote, no-auth Exploit with a 9.8 AV/AC/PR/UI/S/C/I/A profile. Connected...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Vim vulnerabilities (USN-8101-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8101-1 advisory. Rahul Hoysala discovered that Vim did not correctly handle certain tag resolutions. A...

ROS-20260319-73-0013

Vulnerability in glpi due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260319-73-0001

A vulnerability in the Gimp image processing library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

ROS-20260319-73-0035

Vulnerability in vim related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260319-73-0034

Vulnerability in beats related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

RHEL 9 : capstone (RHSA-2026:5125)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5125 advisory. Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security...

PT-2026-26428

Name of the Vulnerable Software and Affected Versions ingress-nginx versions prior to v1.13.9, v1.14.5, and v1.15.1 Description A security issue exists in ingress-nginx where a combination of Ingress annotations can be used to inject configuration into nginx. This can lead to arbitrary code...

CVE-2026-31898

A flaw was found in jsPDF, a JavaScript library used for generating PDF documents. This vulnerability allows a remote attacker to inject arbitrary PDF objects, including JavaScript actions, into a generated PDF. This can occur if unsanitized user input is provided to the createAnnotation method's...

CVE-2026-31968

A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. Specifically, within the CRAM Compressed Reference-oriented Alignment Map format, incomplete validation of context in the VARINT and CONST encodings could lead to a heap or stack buffer overflow. A remote...

CVE-2026-31969

A flaw was found in HTSlib, a library used for bioinformatics file formats. A remote attacker could exploit an out-by-one error when processing a specially crafted CRAM Compressed Reference-oriented Alignment Map file. This vulnerability can lead to a heap buffer overflow, potentially allowing fo...

CVE-2026-31971

A flaw was found in HTSlib, a library used for bioinformatics file formats. When reading CRAM Compressed Reference-oriented Alignment Map files, the crambytearraylendecode function did not properly validate the size of incoming data against the allocated buffer. This memory corruption vulnerabili...

CVE-2026-31962

A flaw was found in htslib, a library for reading and writing bioinformatics file formats. A local user could exploit a heap buffer overflow vulnerability by opening a specially crafted CRAM file. This flaw occurs due to incorrect handling of certain CRAM format records, leading to reading and...

DEBIAN-CVE-2026-31971

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTEARRAYLEN method, the crambytearraylendecode failed to validat...

CVE-2026-31971

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTEARRAYLEN method, the crambytearraylendecode failed to validat...

CVE-2026-31969

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTEARRAYSTOP method, an out-by-one error in the...