ROS-20260310-73-0046
Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
PT-2026-24873
CVE-2026-3925 Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. C… https://t.co/XnxsUXtXOT...
EulerOS 2.0 SP13 : python-virtualenv (EulerOS-SA-2026-1260)
According to the versions of the python-virtualenv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use...
MCP-In-SoS: Risk Assessment Framework for Open-Source MCP Servers
Model Context Protocol (MCP) servers have rapidly emerged over the past year as a widely adopted way to enable Large Language Model (LLM) agents to access dynamic, real-world tools. As MCP servers proliferate and become easy to adopt via open-source releases, understanding their security risks become...
Fortinet FortiAnalyzer Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)
The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory. - An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0...
UBUNTU-CVE-2026-26130
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...
PT-2026-24881
🚨 CVE-2026-3934 Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium 🎖@cveNotify...
PT-2026-24328
Name of the Vulnerable Software and Affected Versions: Azure MCP Server (affected versions not specified). Description: An authorized attacker can exploit a server-side request forgery (SSRF) condition in Azure MCP Server to gain elevated privileges on a network. SSRF occurs when an application makes...
PT-2026-24325
Name of the Vulnerable Software and Affected Versions: SQL Server (affected versions not specified). Description: Improper validation of a specified type of input in SQL Server can allow an authorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no information...
PT-2026-24317
Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified); Microsoft Office; Microsoft 365 Apps for Enterprise; Microsoft Office Online Server. Description: A use-after-free issue exists in Microsoft Office Excel, Microsoft Office, Microsoft 365 Apps...
PT-2026-24271
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally...
PT-2026-24273
Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified). Description: A use after free issue exists in Windows Print Spooler Components. This allows an authorized attacker to execute code over a network. Recommendations: At the moment, there is no...
PT-2026-24321
Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service (RRAS) (affected versions not specified). Description: An integer overflow or wraparound exists in Windows Routing and Remote Access Service (RRAS). This condition allows an unauthorized attacker to execute co...
PT-2026-24300
A vulnerability in the Routing and Remote Access Service (RRAS) of Windows operating systems is related to an operation exceeding the bounds of a memory buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
PT-2026-24282
Interested in USB Airgap? Soon a detailed description of CVE-2026-24288. This vulnerability in the Windows Mobile Broadband driver could allow an attacker to execute code. Ability to send unsolicited events from the USB device to the host is the entry point. Stay tuned! 😉...
PT-2026-24260
Name of the Vulnerable Software and Affected Versions: SQL Server versions 2016 SP3 through 2025. Description: An improper access control issue in SQL Server allows an authorized attacker to elevate privileges over a network. An attacker can gain sysadmin privileges remotely on affected SQL Server...
Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. Interaction with the GDI library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
PT-2026-24330
Name of the Vulnerable Software and Affected Versions: .NET versions 9.0.0 through 9.0.13; .NET versions 10.0.0 through 10.0.3; Microsoft.Bcl.Memory versions 9.0.0 through 9.0.13; Microsoft.Bcl.Memory versions 10.0.0 through 10.0.3. Description: An out-of-bounds read issue exists in .NET and...
EulerOS 2.0 SP13 : gdb (EulerOS-SA-2026-1270)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker...
ROS-20260310-73-0015
A vulnerability in the ANGLE library of the Google Chrome browser is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...