CVE-2026-46191

CVE-2026-46191 affects the Linux kernel framebuffer console (fbcon). The issue arises in fbcon_rotate_font() when a reallocation during console rotation fails; the old buffer is kept but becomes too small for the rotated font, enabling out-of-bounds font access for high-character codes. The fix c...

CVE-2020-10590

Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port 8800 on the Replicated Classic server could retrieve the TLS Keypair Cert and Key used to configure...

EUVD-2015-6441

Malware in sbrugna...

EUVD-2011-1771

Malware in sbrugna...

EUVD-2015-7184

Malware in sbrugna...

EUVD-2007-3273

Malware in sbrugna...

EUVD-2011-1521

Malware in sbrugna...

EUVD-2009-2447

Malware in sbrugna...

EUVD-2019-0842

Malware in sbrugna...

EUVD-2005-3628

Malware in sbrugna...

EUVD-2022-6261

Malicious code in bioql PyPI...

EUVD-2024-32594

Malicious code in bioql PyPI...

EUVD-2025-16357

Malicious code in bioql PyPI...

EUVD-2023-23767

Malicious code in bioql PyPI...

Absolute Secure Access 安全漏洞

Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in Absolute Secure Access versions 12.00 through prior to 13.56 that stems from insecure content deserialization and coul...

CVE-2025-49083

CVE-2025-49083 describes a data deserialization vulnerability in the management console of Absolute Secure Access (versions 12.00 up to 13.55). With high privileges and no user interaction , an attacker with administrative console access can deserialize and execute unsafe content in the console’s...

CVE-2025-38198

In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "storemodes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in...

PT-2025-24659 · Unknown · Airleader Easy +1

Name of the Vulnerable Software and Affected Versions: Airleader Master and Easy versions prior to 6.36 Description: The issue allows remote attackers to execute arbitrary commands via an unrestricted file upload in the Panel Designer dashboard. This can be exploited by logging into the...

CVE-2019-18955

The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019...

CVE-2017-16821

b3log Symphony aka Sym 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header that is mishandled during display of a client IP address in /admin/user/userid...