40 matches found
CVE-2026-58306
Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before ef525f337fafddecde77a3c426212a84bb20cb98...
CVE-2026-58305
Access of resource using incompatible type 'type confusion' vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a...
EUVD-2026-42571
Stack-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before b30b63fc63b403907d8137da1c65aaa4521fe74e...
CVE-2026-58303
The CVE-2026-58303 entry concerns Samsung Open Source Escargot. It is a stack-based buffer overflow affecting Escargot versions prior to b30b63fc63b403907d8137da1c65aaa4521fe74e. The vulnerability is triggered locally and leads to high availability impact, with confidentiality impact listed as no...
CVE-2026-56815
pwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/Home.razor...
CVE-2026-47306
Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945...
UBUNTU-CVE-2026-42146
CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...
CVE-2026-40448
Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0...
CVE-2026-32859 ByteDance DeerFlow Stored XSS via Inline Artifact Rendering
ByteDance DeerFlow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifacts API that allows attackers to execute arbitrary scripts by uploading malicious HTML or script content as artifacts. Attackers can store malicious content that executes in the...
[SECURITY] Fedora 42 Update: sad-0.4.32-4.fc42
Space Age seD - Batch File Edit tool. It will show you a really nice diff of proposed changes before you commit them...
[SECURITY] Fedora 43 Update: sad-0.4.32-4.fc43
Space Age seD - Batch File Edit tool. It will show you a really nice diff of proposed changes before you commit them...
EUVD-2025-202402
A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This issue affects usbmuxd: before 3ded00c9985a5108cfc7591a309f9a23d57a8cba...
EUVD-2025-175319
Lichess lila before commit 11b4c0fb00f0ffd823246f839627005459c8f05c 2025-06-02 contains a Server-Side Request Forgery SSRF vulnerability in the game export API. The players parameter is passed directly to an internal HTTP client without validation, allowing remote attackers to force the server to...
EUVD-2025-50782
ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...
PT-2025-45449
Name of the Vulnerable Software and Affected Versions ycf1998 money-pos system versions prior to commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 Description The ycf1998 money-pos system contains multiple SQL injection vulnerabilities. A remote attacker can potentially execute arbitrary...
CVE-2025-63689
CVE-2025-63689 affects the ycf1998 money-pos system prior to commit 11f276bd20a41f089298d804e43cb1c39d041e59. Multiple SQL injection vulnerabilities exist in the orderby parameter, enabling a remote attacker to execute arbitrary code. Root cause: unsafely constructed SQL with user-controlled orde...
Linux Distros Unpatched Vulnerability : CVE-2017-7495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs- flushing-before-commit list, which allows local users...
CVE-2025-54949
A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be...
CVE-2025-54951
A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c...
ExecuTorch vulnerable to Heap-based Buffer Overflow
A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c...