2549 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO te...
PT-2026-37534
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel networking stack where the system incorrectly handles transmission xmit return codes for Generic Segmentation Offload GSO frames in environments witho...
PT-2026-37341
The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mp pix image' WooCommerce API endpoint in all versions up to, and including, 8.7.11. This makes it possible for unauthenticated attackers to retrie...
CVE-2025-47405
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
EUVD-2025-209630
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
JLSEC-2026-397
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
PT-2026-36841
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
Postfix 安全漏洞
Postfix is an open-source mail transfer agent software developed by Postfix. Vulnerabilities existed in versions prior to Postfix 3.8.16, 3.9.10, and 3.10.9. These vulnerabilities stemmed from the lack of text after the third digit in enhanced status codes, which could lead to excessive buffer...
MINI-MXF9-VGMG-9VWG
Bulletin has no description...
cve-checker-2026
CVE Checker 2026 Multi-OS vulnerability scanner for: - CVE...
CVE-2026-41386
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
CVE-2026-41386 OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
CVE-2026-41386
OpenClaw is affected by a privilege-escalation vulnerability in bootstrap pairing where unbound bootstrap setup codes can be misassociated with device roles/scopes. Affected software: openclaw (npm). Vulnerable versions are
EUVD-2026-26095
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
CVE-2026-3323 VEGA: Privilege escalation through unsecured configuration interface in VEGAPULS devices
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes...
CVE-2026-3323
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes...
EUVD-2026-26030
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes...