205319 matches found
EUVD-2026-26976
An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp...
GeoVision GV-VMS 缓冲区错误漏洞
GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The version GV-VMS V20 20.0.2 contains a buffer error vulnerability. This vulnerability stems from a stack overflow issue in the WebCam Server login function, which may allow custom HTTP requests t...
PPTAgent 安全漏洞
PPTAgent is an open-source intelligent presentation generation tool based on large models developed by ICIP-CAS. Previous versions of PPTAgent 418491a contained security vulnerabilities. These vulnerabilities stemmed from issues with the Python eval function when executing code generated by LLM,...
Astra Linux - уязвимость в vlc
VLC Media Player 3.0.20 and earlier are vulnerable to denial of service due to an integer overflow. This vulnerability can be exploited by a maliciously crafted MMS stream heap-based overflow. If successful, a malicious third party can cause the VLC player to crash or execute arbitrary code with...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 146. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 146.0.1...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 147 and Thunderbird 147. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 148 and Thunderbird...
Astra Linux - уязвимость в edk2
EDK2 contains a vulnerability in the BIOS, where an attacker can cause a “Protection Mechanism Failure” through local access. Successful exploitation of this vulnerability will lead to the execution of arbitrary code, compromising Confidentiality, Integrity, and Availability...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 148.0.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 148.0.2...
Astra Linux - уязвимость в libnbd
A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell SSH process,...
Astra Linux - уязвимость в linux
It was discovered that the eBPF implementation in the Linux kernel failed to properly track bound information for 32-bit registers when performing division and modulo operations. A local attacker could use this vulnerability to potentially execute arbitrary code...
Astra Linux - уязвимость в ghostscript
A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. An unchecked Implementation pointer in the Pattern color space could lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved through improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в openimageio
A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially crafted targa file can lead to out-of-bound read and write operations on the process stack, which can result in arbitrary code execution. An attacker can provide a malicious file...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may...
Arbitrary Code Injection
Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Arbitrary Code Injection via the eval function in the LambdaFilterComponent component. An attacker can execute arbitrary...
Binutils: binutils: arbitrary code execution via malformed xcoff object file processing
...
MiracleLinux 9 : python3.12-3.12.12-4.el9_7.3 (AXSA:2026-519:12)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-519:12 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...
FreeBSD : Mozilla -- Memory safety bugs (e4a08820-470d-11f1-be75-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e4a08820-470d-11f1-be75-b42e991fc52e advisory. https://bugzilla.mozilla.org/buglist.cgi?bugid=2028537%2C2029911%2C2031121%2C2033602 reports: Memory...
Debian dsa-6239 : chromium - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6239 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6239-1 [email protected]...
RHEL 8 : OpenEXR (RHSA-2026:12338)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:12338 advisory. OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This package...