1086081 matches found
DEBIAN-CVE-2026-43994
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...
CVE-2026-43994
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...
MINI-6CQ8-PPPP-94WQ
Bulletin has no description...
MINI-9G35-C55Q-6PP7
Bulletin has no description...
UBUNTU-CVE-2026-43994
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...
MINI-FMGH-M93H-JRRC
Bulletin has no description...
MINI-PV4M-QCRJ-J5X4
Bulletin has no description...
MINI-G48G-Q7VR-XJ43
Bulletin has no description...
MINI-QQFW-H489-7VQ4
Bulletin has no description...
GHSA-VMF3-W455-68VH vulnerabilities
Vulnerabilities for packages: pulumi, tileserver-gl-fips, saf, graalvm, gitlab-rails-ce-fips, prism, opensearch-dashboards, npm, homepage, actions-runner, opensearch-dashboards-fips, renovate, wazuh-dashboard, lerna, wazuh-dashboard-fips, code-server, gitlab-rails-ce, tileserver-gl...
CVE-2026-53655 vulnerabilities
Vulnerabilities for packages: pulumi, tileserver-gl-fips, saf, graalvm, gitlab-rails-ce-fips, prism, opensearch-dashboards, npm, homepage, actions-runner, opensearch-dashboards-fips, renovate, wazuh-dashboard, lerna, wazuh-dashboard-fips, code-server, gitlab-rails-ce, tileserver-gl...
GHSA-R7G4-QG5F-QQM2 vulnerabilities
Vulnerabilities for packages: langfuse...
GHSA-VMF3-W455-68VH vulnerabilities
Vulnerabilities for packages: renovate, prism, lerna, code-server, tileserver-gl, pulumi, saf, npm...
CVE-2026-53655 vulnerabilities
Vulnerabilities for packages: renovate, prism, lerna, code-server, tileserver-gl, pulumi, saf, npm...
CVE-2026-25865
Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...
CVE-2026-52726
A flaw was found in Dulwich, a pure-Python implementation of Git file formats and protocols. This vulnerability allows a remote attacker to achieve arbitrary code execution by crafting a malicious Git submodule. When a user clones or updates a repository with such a submodule, the...
CVE-2026-49248
OneDev CVE-2026-49248 affects versions 15.0.6 and earlier. TarUtils.untar() creates symbolic links using entry getLinkName() without validating absolute path targets; a following file entry can traverse the symlink and write to arbitrary server-side locations. This enables RCE-like behavior for a...
CVE-2026-43994
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...
CVE-2026-43994 Coturn: Stack buffer overflow in decode_oauth_token_gcm()
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...
CVE-2026-43994
Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...