762 matches found
EUVD-2026-9199
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI:: patterns are rendered via v-html without sanitization, allowing injected HTML to execute. This issue has been patche...
CVE-2026-28357 NocoDB: Stored Cross-Site Scripting via Formula Cell
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI:: patterns are rendered via v-html without sanitization, allowing injected HTML to execute. This issue has been patche...
CVE-2026-28357 NocoDB: Stored Cross-Site Scripting via Formula Cell
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI:: patterns are rendered via v-html without sanitization, allowing injected HTML to execute. This issue has been patche...
CVE-2026-28357
CVE-2026-28357 affects NocoDB prior to version 0.301.3, where the Formula virtual cell can store and render URI::() patterns via v-html without sanitization, enabling stored cross-site scripting. The issue is caused by unsanitized rendering of formula results and has been fixed in 0.301.3. No exp...
CVE-2026-28357 NocoDB: Stored Cross-Site Scripting via Formula Cell
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI:: patterns are rendered via v-html without sanitization, allowing injected HTML to execute. This issue has been patche...
PT-2026-22624
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 0.301.3 Description A stored cross-site scripting XSS issue exists in the Formula virtual cell of NocoDB, a software used for building databases as spreadsheets. Formula results containing URI:: patterns are rendered...
The game is over: when “free” comes at too high a price. What we know about RenEngine
We often describe cases of malware distribution under the guise of game cheats and pirated software. Sometimes such methods are used to spread complex malware that employs advanced techniques and sophisticated infection chains. In February 2026, researchers from Howler Cell announced the discover...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004893)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004893 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node...
CVE-2022-38677
In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed...
CVE-2024-34618
Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information...
CVE-2025-68766 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...
PT-2026-25073
Name of the Vulnerable Software and Affected Versions Black versions prior to 26.3.1 Description Black, a Python code formatter, prior to version 26.3.1, improperly sanitizes user-supplied input when constructing the filename for a cache file. Specifically, the value provided to the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992865)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992865 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992496)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992496 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node...
PyTorch torch.lstm_cell memory corruption
...
CVE-2025-68339
In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200eopen Protect access to fore200e-availablecellrate with ratemtx lock in the error handling path of fore200eopen to prevent a data race. The field fore200e-availablecellrate is a shar...
UBUNTU-CVE-2025-68339
In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200eopen Protect access to fore200e-availablecellrate with ratemtx lock in the error handling path of fore200eopen to prevent a data race. The field fore200e-availablecellrate is a shar...
CVE-2025-68339 atm/fore200e: Fix possible data race in fore200e_open()
In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200eopen Protect access to fore200e-availablecellrate with ratemtx lock in the error handling path of fore200eopen to prevent a data race. The field fore200e-availablecellrate is a shar...
CVE-2025-68339
The CVE-2025-68339 issue concerns the Linux kernel’s atm/fore200e driver. In fore200e_open(), available_cell_rate is reserved under rate_mtx, but if fore200e_activate_vcin() fails, the code adds back bandwidth without holding the lock. Since available_cell_rate is shared across VCCs, this creates...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unlocked access to availablecellrate in fore200eopen, which could lead to data contention...