ROS-20260417-73-0041

Vulnerability in zabbix7-lts related to providing a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

ROS-20260417-73-0043

Vulnerability in zabbix7.4 related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability may allow an attacker to escalate his privileges...

ROS-20260417-73-0040

Vulnerability in zabbix-lts related to providing a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

CVE-2026-29776

An integer underflow flaw has been discovered in FreeRDP. A uint32 field is populated from a uint16 data element. This field is later modified without proper checks and in some situations a program crash may occur. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field

MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...

ROS-20251215-7313

A vulnerability in the cifs.upcall function of the CIFS cifs-utils network file system mount utility package is related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to disclose protected information...

EUVD-2002-1038

Malware in sbrugna...

The vulnerability of the hid_bpfdestroy_device() function in the HID component of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the hidbpfdestroydevice function in the HID component of the Linux kernel is related to improper elimination of certain elements in the output data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect elimination of special elements in the output data, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities

Talos Vulnerability Report TALOS-2024-1931 Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities February 20, 2024 CVE Number CVE-2024-24793,CVE-2024-24794 SUMMARY A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imagi...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service when the WLAN firmware receives a reassoc response frame containing a RICDATA element...

PT-2024-12415 · Qualcomm · Qualcomm 7C+ Gen 3 Compute

Name of the Vulnerable Software and Affected Versions: Qualcomm 7c+ Gen 3 Compute affected versions not specified Description: The issue occurs when the WLAN firmware receives a 'reassoc response' frame that includes a RIC DATA element, leading to a transient denial of service DOS. Recommendation...

The vulnerability of the Microsoft Office suite, related to pointer offsets, allows a perpetrator to execute arbitrary code or gain full control over the application.

The vulnerability of the Microsoft Office package is related to a pointer offset issue during the processing of the cbHdrData element in the FEATHEADER field of BIFF format files. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain full control over the application...

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-2176)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in...

CVE-2018-10517

In CMS Made Simple CMSMS through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element...

Android Broadcom Wi-Fi Driver Memory Corruption

/ Copyright C 2016 by AbdSec Core Team This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This program is...

CVE-2008-4437

Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attachpath is enabled, allows remote attackers to read arbitrary files via an XML file with a .. dot dot in the data element...

CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...

CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...

CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...