83 matches found
EUVD-2026-42818
Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...
EUVD-2026-42035
Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This issue affects Liman MYS: before release.Master.1107...
CVE-2026-11340
Missing Authorization vulnerability in HAVELSAN Inc. Liman MYS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liman MYS: before release.Master.1107...
CVE-2026-11340
CVE-2026-11340 describes a Missing Authorization vulnerability in HAVELSAN’s Liman MYS prior to release.Master.1107, where functionality is accessible without proper ACL constraints. Core issue: access to certain features is not properly constrained by ACLs, enabling unauthorized access. Accordin...
CVE-2026-21008
Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information...
CVE-2026-21029
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations...
CVE-2026-21027
Technical details about CVE-2026-21027, including affected products, vulnerable components, root cause, and fixes, are not provided in the supplied documents. Monitor Samsung advisories and NVD for updates.
PT-2026-46920
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...
PT-2026-46916
Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...
Nautobot 安全漏洞
Nautobot is a web-based automation platform developed by the Nautobot team. Versions of Nautobot prior to 2.4.33 and 3.1.2 contained security vulnerabilities. These vulnerabilities stemmed from users who had permission to add/modify GitRepository records being able to directly set the currenthead...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the SPI controller does not properly unregister the controller before releasing...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close netlink supports iterative dumping of data. It provides the following operations: - start – Optional Initiates the dumping process. - dump – The actual dumping process; this...
CVE-2026-8700
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...
CVE-2026-45346 Open WebUI: Stored Cross-Site Scripting in SVG Renderer
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.31, there is a Cross-Site Scripting vulnerability in Open WebUI SVG renderer implementation. This vulnerability is fixed in 0.6.31...
CVE-2026-21021
Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...
CVE-2026-21021
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-21021
Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...
CVE-2026-7918
Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-7382
Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor vulnerability in MeWare Software Development Inc. PDKS allows Excavation. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...
PT-2026-36197
Name of the Vulnerable Software and Affected Versions Exim versions prior to 4.99.2 Description An out-of-bounds read occurs when utf8 operators are enabled and malformed UTF-8 header data containing large UTF-8 trailing characters is processed. This may lead to the disclosure of information with...