CVE-2026-4509

A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been release...

EUVD-2026-14239

A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been release...

CVE-2026-4509

A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been release...

CVE-2026-4507

Mindinventory MindSQL (

PT-2026-5337

Name of the Vulnerable Software and Affected Versions monkey commit f37e984 Description An out-of-bounds read exists in the mk ptr to buf function within the mk core function located in mk memory.c. This issue can be triggered by sending a specially crafted HTTP request to the server, potentially...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference count leak in the ofledget function of led-core...

PbootCMS 安全漏洞

PbootCMS is PbootCMS open source an open source enterprise website content management system CMS developed using PHP language. A security vulnerability exists in PbootCMS 3.2.12 and earlier versions, which stems from the incorrect operation of the Header Handler component function getuserip on th...

CVE-2025-14490

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

CVE-2025-14488

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

DEBIAN-CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

CVE-2025-8804 Open5GS AMF ngap_build_downlink_nas_transport assertion

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-37826

CVE-2025-37826 pertains to the Linux kernel, specifically the SCSI: UFS core. The root cause is a missing NULL check on the hwq pointer returned by ufshcd_mcq_req_to_hwq(), which can occur in ufshcd_mcq_compl_pending_transfer(). The available connected documents describe a patch that adds a NULL ...

Use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c

...

SUSE CVE-2022-23482

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contain a Out of Bound Read in xrdpsecprocessmcsdataCSCORE function. There are no known workarounds for this issue. Users are advised to upgrade...

The vulnerability of the xrdp_sec_process_mcs_data_CS_CORE() function on the XRDP server allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the xrdpsecprocessmcsdataCSCORE function on the XRDP server is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service...

CVE-2021-28699

CVE-2021-28699 affects Xen-based platforms (Citrix Hypervisor and Xen). The issue is an inadequate bounds check in the grant table status path: translation of the grant-status frame numbers can exceed allocated translation space, allowing writes beyond the intended area. Citrix shows this as a ho...

DivFix++ 0.34 - Denial of Service

DivFix++ denial of service vulnerability ================ Author : qflb.wu =============== Introduction: ============= DivFix++ is FREE AVI Video Fix & Preview program. Affected version: ===== v0.34 Vulnerability Description: ========================== the DivFixppCore::aviheaderfix function in...

The vulnerability of the library that handles system calls and core functions of glibc allows a attacker to cause a service failure or increase their privileges.

The vulnerability of the encodename function in the library that handles system calls and core glibc functions exists due to errors in processing new line characters in directory path names when using ncpmount and mount.cifs. Exploiting this vulnerability can allow an attacker to cause service...