17033 matches found
CVE-2023-54353
Chromacam 4.0.3.0 contains an unquoted service path vulnerability in the PsyFrameGrabberService that allows local attackers to execute arbitrary code by placing malicious executables in unquoted path directories. Attackers with write access to C:\ or subdirectories like C:\Program Files...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel before version 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. This could lead to an out-of-bounds write vulnerability...
Malicious code in node-slot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d71bcdec983467ab6a47b538e524abc1cdafc98b411761bffb375be17d72009 On npm install, package.json's postinstall hook executes node test.js which invokes code in index.js that performs two distinct attacks on the...
PT-2026-51088
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj is a JSON parser and Object marshaller for Ruby. A Use-After-Free issue exists when using the Oj::Parser in SAJ mode. The parser fails to protect cached object keys of 35 bytes or more from garbage...
PT-2026-51083
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj::Doc iterators each value, each child, each leaf are subject to a heap use-after-free. This occurs when a Ruby block yielded during iteration calls doc.close or d.close, causing the document's heap...
[SECURITY] Fedora 44 Update: librabbitmq-0.16.0-1.fc44
This is a C-language AMQP client library for use with AMQP servers speaking protocol versions 0-9-1...
binary-exploitation-labs
Binary Exploitation & Reverse Engineering Labs Hands-on labs...
aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines
Summary It is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. Impact If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potential...
GHSA-63HW-FMQ6-XXG2 aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines
Summary It is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. Impact If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potential...
Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by command injection.
Summary glob-10.4.5.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-64756. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command...
SUSE-SU-2026:22125-1 Security update for editorconfig-core-c
This update for editorconfig-core-c fixes the following issue: - CVE-2026-40489: lpattern buffer overflow bsc1262131...
CVE-2025-55641
A NULL pointer dereference in the gfisomcopysampleinfo function isomedia/isomwrite.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
PT-2026-49591
Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description An issue exists in the C parser of the asynchronous HTTP client/server framework where the max line size check can be bypassed in parts of an HTTP request. When using the optimized C parser, which i...
CVE-2026-54412
CVE-2026-54412 affects LiamBindle MQTT-C up to v1.1.6. The vulnerability is a heap-based out-of-bounds read and integer underflow in mqtt_unpack_publish_response() (src/mqtt.c). A broker-controlled or injected PUBLISH packet can allow a remote unauthenticated attacker to crash a subscribed MQTT-C...
CVE-2026-54412
LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqttunpackpublishresponse function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to...
CVE-2026-12043
Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...
CVE-2026-12043 Heap double-free in AWS Common Runtime aws-c-http
Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...
CVE-2026-12043 Heap double-free in AWS Common Runtime aws-c-http
Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...
CVE-2026-44967
OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters traces/metrics/logs read the full HTTP response into an in-memory vector of bytes without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is...
UBUNTU-CVE-2026-44967
OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters traces/metrics/logs read the full HTTP response into an in-memory vector of bytes without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is...