197205 matches found
RHEL 9 : python3.11 (RHSA-2026:14652)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14652 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Mozilla Firefox ESR < 140.10.2
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-41 advisory. - Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of...
Mozilla Firefox ESR < 140.10.2
The version of Firefox ESR installed on the remote Windows host is prior to 140.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-41 advisory. - Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bug...
firefox -- Memory safety bugs present in Firefox 150
https://www.mozilla.org/en-US/security/advisories/mfsa2026-40/ reports: Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
firefox -- Memory safety bugs present in Firefox ESR 115
https://www.mozilla.org/en-US/security/advisories/mfsa2026-40/ reports: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
RHEL 8 : LibRaw (RHSA-2026:14655)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:14655 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw:...
LuaJIT 2.1.1774638290 - Arbitrary Code Execution
-- Exploit Title: LuaJIT 2.1.1774638290 - Arbitrary Code Execution -- Date: 2026-03-29 -- Exploit Author: TaurusOmar -- Vendor Homepage: https://luajit.org/ -- Software Link: https://luajit.org/download.html -- Version: LuaJIT 2.1.1774638290 latest -- Tested on: Linux x86-64 Arch Linux --...
mathjs 安全漏洞
MathJS is an extension library for JavaScript and Node.js developed by Jos de Jong. It includes a flexible expression parser, offering integrated solutions for handling numbers, large numbers, complex numbers, units, matrices, etc. Versions of MathJS from 13.1.0 to 15.2.0 had security...
PT-2026-38431
Name of the Vulnerable Software and Affected Versions Firefox version 150.0.1 Description Memory safety bugs exist that exhibit evidence of memory corruption. These issues could potentially be exploited to execute arbitrary code. Recommendations Update to version 150.0.2...
PT-2026-39179
It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...
Mozilla Firefox < 150.0.2
The version of Firefox installed on the remote Windows host is prior to 150.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-40 advisory. - Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presum...
RHEL 8 : LibRaw (RHSA-2026:14673)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:14673 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw:...
Mozilla Firefox < 150.0.2
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-40 advisory. - Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and...
Arbitrary Code Injection
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
Arbitrary Code Injection
Overview GitPython is a python library used to interact with Git repositories Affected versions of this package are vulnerable to Arbitrary Code Injection via the setvalue function. An attacker can achieve arbitrary code execution by injecting newline characters into configuration values, which...
JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted content
JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all click events on document.body and executes the named command without checking whether the element came from trusted JupyterLab UI. A notebook with ...
EUVD-2026-28055
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the evaluation of user-controlled input within validation rules during documentation generation. An attacker can execute arbitrary code by supplying crafted data to documentation endpoints when they are...
CSV Injection
Overview Affected versions of this package are vulnerable to CSV Injection via the export function. An attacker can execute arbitrary spreadsheet formulas in the context of an administrator's local machine by injecting formula payloads into profile fields, which are then exported and opened in...
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...