Lucene search

1933 matches found

Positive Technologies
added 2026/04/24 12:0 a.m., 2 views

PT-2026-34889

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw in the SMB server implementation causes corruption of the stream of reassembled data transfer messages when an immediate empty send is triggered. This occurs due to the improper...

CVSS 5.5 | AI score 5.3 | EPSS 0.00015
Exploits: 0 | References: 15
Positive Technologies
added 2026/04/24 12:0 a.m., 6 views

PT-2026-34961

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A double-free issue exists in the SMB client. The function smbd_send_batch_flush already invokes smbd_free_send_io, leading to a second call to smbd_free_send_io after smbd_post_send mov...

CVSS 9.8 | AI score 5.8 | EPSS 0.00102
Exploits: 0 | References: 69
CNNVD
added 2026/04/24 12:0 a.m., 9 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the smbdirectsendbatch process. In this process, requests may not be signaled with IB_SEND_SIGNALED...

CVSS 9.8 | AI score 5.8 | EPSS 0.00058
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/24 12:0 a.m., 1 views

PT-2026-34960

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A double-free issue exists in the SMB server component. The function smb_direct_flush_send_list already invokes smb_direct_free_sendmsg, leading to a second call to smb_direct_free_sendm...

CVSS 9.8 | AI score 5.8 | EPSS 0.00102
Exploits: 0 | References: 69
Tenable Nessus
added 2026/04/22 12:0 a.m., 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013802 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops. syzbot reported various soft lockups caused by bpf batch...

CVSS 3.3 | AI score 5.7 | EPSS 0.00028
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/22 12:0 a.m., 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013818)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013818 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htab_lock_bucket to userspace. In __htab_map_lookup_and_delete_batch if...

CVSS 7.1 | AI score 5.7 | EPSS 0.00012
Exploits: 0 | References: 4
GithubExploit
added 2026/04/21 11:25 a.m., 79 views

Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System

CVE-2024-2997 Scanner

CVSS 5.4 | AI score 5.8 | EPSS 0.0579
Exploits: 6
Tenable Nessus
added 2026/04/21 12:0 a.m., 5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010687 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops. syzbot reported various soft lockups caused by bpf batch...

CVSS 3.3 | AI score 6.2 | EPSS 0.00028
Exploits: 0 | References: 4
SUSE CVE
added 2026/04/20 11:27 p.m., 1 views

SUSE CVE-2026-28214

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6.3 | AI score 5.7 | EPSS 0.00072
Exploits: 1 | References: 4
RedhatCVE
added 2026/04/17 7:34 p.m., 2 views

CVE-2026-28214

A flaw was found in Firebird, an open-source relational database management system. An authenticated user with INSERT privileges on any table can exploit this vulnerability by sending a specially crafted Batch Parameter Block. This action causes an integer overflow in the...

CVSS 6.5 | AI score 5.8 | EPSS 0.00072
Exploits: 1 | References: 2
NVD
added 2026/04/17 7:16 p.m., 1 views

CVE-2026-28214

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6.5 | EPSS 0.00072
Exploits: 1 | References: 4
EUVD
added 2026/04/17 6:35 p.m., 2 views

EUVD-2026-23466

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6 | AI score 5.7 | EPSS 0.00072
Exploits: 1 | References: 4
Cvelist
added 2026/04/17 6:35 p.m., 28 views

CVE-2026-28214 Firebird server hangs when using specific clumplet on batch creation

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6 | EPSS 0.00072
Exploits: 1 | References: 4
Vulnrichment
added 2026/04/17 6:35 p.m., 1 views

CVE-2026-28214 Firebird server hangs when using specific clumplet on batch creation

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6 | AI score 5.7 | EPSS 0.00072
Exploits: 1 | References: 4
CVE
added 2026/04/17 6:35 p.m., 5 views

CVE-2026-28214

CVE-2026-28214 affects Firebird DBMS. The issue is in the ClumpletReader::getClumpletSize() when parsing a Wide type clumplet, which can overflow totalLength and cause an infinite loop. An authenticated user with INSERT privileges on any table can trigger a denial of service via a crafted Batch P...

CVSS 6.5 | AI score 5.7 | EPSS 0.00072
Exploits: 1 | References: 4 | Affected Software: 1
Positive Technologies
added 2026/04/17 12:0 a.m., 1 views

PT-2026-33479

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6 | AI score 5.7 | EPSS 0.00072
Exploits: 1 | References: 6
Joomla! Vulnerable Extensions List
added 2026/04/15 12:0 a.m., 6 views

[20260513] - Core - Privilege escalation through com_users batch task

An improper access check allows privilege escalation through the com_users batch task...

CVSS 9.8 | AI score 5.8 | EPSS 0.00002
Exploits: 0 | Affected Software: 1
OSV
added 2026/04/14 1:10 p.m., 1 views

JLSEC-2026-115 Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass

Summary: A prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and therefore can be bypassed when the extension uses alternate casing for...

CVSS 8.1 | AI score 6 | EPSS 0.00036
Exploits: 1 | References: 4
OSV
added 2026/04/14 1:10 p.m., 2 views

JLSEC-2026-113 Deno is Vulnerable to Command Injection on Windows During Batch File Execution

Summary: Deno versions up to 2.5.1 are vulnerable to Command Line Injection attacks on Windows when batch files are executed. Details: In Windows, CreateProcess always implicitly spawns cmd.exe if a batch file (.bat, .cmd, etc.) is being executed even if the application does not specify it via the...

CVSS 8.1 | AI score 5.8 | EPSS 0.0017
Exploits: 1 | References: 8
CNNVD
added 2026/04/08 12:0 a.m., 3 views

saleor security vulnerability

Saleor is an open-source interface software developed by Saleor Commerce. Versions of Saleor prior to 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118 contain security vulnerabilities. These vulnerabilities stem from the lack of a limit on the number of GraphQL batch operations, which may lead to resourc...

CVSS 7.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 6