CVE-2026-42370 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

CVE-2026-42370

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

CVE-2026-42370

GeoVision GV-VMS V20 WebCam Server Login vulnerability (CVE-2026-42370) affects GV-VMS V20 20.0.2. A stack overflow is triggered by a specially crafted HTTP request, leading to arbitrary code execution. Exploitation is described as unauthenticated over the network. The CVSS 3.1 base metrics indic...

PT-2026-36828

An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp...

PT-2026-36857

Name of the Vulnerable Software and Affected Versions PPTAgent versions prior to commit 418491a Description An agentic framework for reflective PowerPoint generation allows arbitrary code execution. This occurs because the software uses the Python eval function to process code generated by a Larg...

CVE-2026-36365

An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp...

EUVD-2026-26976

An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp...

GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The version GV-VMS V20 20.0.2 contains a buffer error vulnerability. This vulnerability stems from a stack overflow issue in the WebCam Server login function, which may allow custom HTTP requests t...

PPTAgent 安全漏洞

PPTAgent is an open-source intelligent presentation generation tool based on large models developed by ICIP-CAS. Previous versions of PPTAgent 418491a contained security vulnerabilities. These vulnerabilities stemmed from issues with the Python eval function when executing code generated by LLM,...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...

Astra Linux - уязвимость в vlc

VLC Media Player 3.0.20 and earlier are vulnerable to denial of service due to an integer overflow. This vulnerability can be exploited by a maliciously crafted MMS stream heap-based overflow. If successful, a malicious third party can cause the VLC player to crash or execute arbitrary code with...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 146. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 146.0.1...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 147 and Thunderbird 147. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 148 and Thunderbird...

Astra Linux - уязвимость в edk2

EDK2 contains a vulnerability in the BIOS, where an attacker can cause a “Protection Mechanism Failure” through local access. Successful exploitation of this vulnerability will lead to the execution of arbitrary code, compromising Confidentiality, Integrity, and Availability...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 148.0.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 148.0.2...

Astra Linux - уязвимость в libnbd

A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell SSH process,...

Astra Linux - уязвимость в webkit2gtk

This issue has been addressed through improved enforcement of iframe sandbox rules. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

Astra Linux - уязвимость в linux

It was discovered that the eBPF implementation in the Linux kernel failed to properly track bound information for 32-bit registers when performing division and modulo operations. A local attacker could use this vulnerability to potentially execute arbitrary code...

Astra Linux - уязвимость в ghostscript

A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. An unchecked Implementation pointer in the Pattern color space could lead to arbitrary code execution...

Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing maliciously crafted web content may lead to arbitrary code execution...