CVE-2026-20054

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

CVE-2026-20101

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

EUVD-2026-9459

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An...

CVE-2026-20068

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

CVE-2026-20057

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-20054

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

USN-8075-1: GIMP vulnerabilities

Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on 32-bit systems. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS...

CVE-2026-20101

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

CVE-2026-20101

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

Cisco IOS XE和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco IOS XE and Cisco Secure Firewall Threat Defense are both products of the American company Cisco. Cisco IOS XE is an operating system. It serves as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN operations. Cisco IOS XE reduces the complexity o...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005511)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005511 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2xattrfindentry Add a paranoia check to make sure it doesn't...

PT-2026-23025

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

GHSA-2MC2-G238-722J OpenClaw affected by iMessage remote attachment SCP hardening (strict host-key checks and remoteHost validation)

Summary Remote iMessage attachment fetches used SCP with trust-on-first-use host-key behavior and accepted unvalidated remote host tokens. Before the fix: - SCP used StrictHostKeyChecking=accept-new in the remote attachment path. - channels.imessage.remoteHost was not validated as a strict SSH ho...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from incorrect boundary checking. These vulnerabilities may lead to out-of-bound writes and local privilege escalation...

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.

...

Mailpit 安全漏洞

Mailpit is an email testing tool developed by Ralph Slooten personally. Versions of Mailpit prior to 1.29.2 contained security vulnerabilities. These vulnerabilities stemmed from the link-checking API’s execution of HTTP HEAD requests for each URL found in emails. During these requests, the targe...

CVE-2026-0399

Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint...

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

CVE-2022-0185-Analysis-and-Exploit Research and proof-of-conce...

CVE-2026-0399

Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint...