CVE-2026-4775

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

CVE-2026-4729

Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4721

Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

CVE-2026-4721

Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

UBUNTU-CVE-2026-4720

Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2026-4721

Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

CVE-2026-4721

CVE-2026-4721 involves memory safety bugs in Firefox ESR 115.33, ESR 140.8, Thunderbird ESR 140.8, Firefox 148, and Thunderbird 148. The issues could lead to memory corruption and, with sufficient effort, potential arbitrary code execution. Affected versions are Firefox < 149, Firefox ESR <...

CVE-2026-4729 Memory safety bugs fixed in Firefox 149 and Thunderbird 149

Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4729 Memory safety bugs fixed in Firefox 149 and Thunderbird 149

Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4720

Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2026-4729

Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4720

CVE-2026-4720 concerns memory-safety bugs in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148, and Thunderbird 148. Some weaknesses show memory corruption; in theory could enable arbitrary code execution with sufficient effort. The issue affects Firefox <149 and Firefox ESR

CVE-2019-25637 X-NetStat Pro 5.63 Local Buffer Overflow via EggHunter

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...

CVE-2019-25634

The vulnerability CVE-2019-25634 affects Base64 Decoder 1.1.2. It is a stack-based buffer overflow in the decoder that enables local code execution when an SEH chain is overwritten via crafted input. An egghunter payload can locate and execute shellcode after overflowing a buffer and placing a PO...

CVE-2019-25629

AIDA64 Extreme 5.99.4900 is affected by a structured exception handler (SEH) buffer overflow in the logging functionality. The vulnerability allows local code execution by supplying a malicious CSV log file path; an attacker can inject shellcode via the Hardware Monitoring logging preferences, tr...

Moderate: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

vim: Vim: Arbitrary code execution via 'helpfile' option processing

A flaw was found in Vim, an open source, command line text editor. This heap buffer overflow vulnerability exists in the tag file resolution logic when processing the 'helpfile' option. A local user could exploit this by providing a specially crafted 'helpfile' option value, leading to a heap...

CVE-2026-4739

A flaw was found in InsightSoftwareConsortium ITK, specifically within its Expat modules. This integer overflow or wraparound vulnerability can be exploited by a remote attacker without requiring authentication. Successful exploitation could lead to arbitrary code execution, allowing the attacker...

CVE-2026-32942

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a heap use-after-free vulnerability in the Interactive Connectivity Establishment ICE session. This occurs due to race conditions between session destruction and callbacks, potentially allowing for...

MAL-2026-2410 Malicious code in @the-coca-cola-company/ngps-global-common-utils (npm)

Malicious post-install script combined with low project popularity indicates potential malware. Arbitrary code execution is a major concern. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ebe31c5bb51c354ed83627a02c11ca4c8541e042623b1b987255941ffafdaff The...