CVE-2026-25933 Arduino App Lab has Improper Data Validation in Internal Terminal Interface

Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in the Terminal component of the arduino-app-lab application. The issue stems from insufficient sanitization and validation of input data received from connected hardware devices,...

CVE-2026-25933 Arduino App Lab has Improper Data Validation in Internal Terminal Interface

Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in the Terminal component of the arduino-app-lab application. The issue stems from insufficient sanitization and validation of input data received from connected hardware devices,...

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.6.6, 18.7.4...

Huawei HarmonyOS camera module out-of-bounds write vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS camera module, which stems from a lack of proper validation of user-supplied data by the...

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

CVE-2026-22923

CVE-2026-22923 affects NX (All versions

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution...

Siemens NX 安全漏洞

Siemens NX is an integrated solution from the German company Siemens. It’s a flexible and powerful tool that helps you to deliver higher-quality products more quickly and efficiently. Previous versions of Siemens NX V2512 had security vulnerabilities. These vulnerabilities stemmed from insufficie...

PT-2026-7251

Name of the Vulnerable Software and Affected Versions NX versions prior to 2512 Description The application contains a data validation issue that may allow an attacker with local access to manipulate internal data during the PDF export process. This could potentially lead to arbitrary code...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei HarmonyOS camera module, which stems from a lack of proper validation of user-supplied data by the...

ROS-20260203-73-0021

A vulnerability in the btrfs component of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an intruder to affect the integrity of protected information...

gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability during the parsing of a malicious PNM Portable Anymap image file. This issue stems from insufficient validation of user-supplied data, which can lead to an integer overflow before memory allocation...

qt6-webengine -- multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 262 security bugs in Chromium: CVE-2025-13223: Type Confusion in V8 CVE-2025-13224: Type Confusion in V8 CVE-2025-13630: Type Confusion in V8 CVE-2025-13632: Inappropriate implementation in DevTools CVE-2025-13634: Inappropriate implementation i...

PT-2026-5103

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the imaplib module. An attacker can manipulate mailbox state, such as deleting emails, moving folders, flagging messages, or reading metadata or specific email content by injecting malicious input...

Huawei HarmonyOS hiview module missing data validation vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A missing data validation vulnerability exists in the Huawei HarmonyOS hiview module, which can be exploited by an attacker to cause availability to be...

CVE-2025-15056

A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002788 advisory. The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data,...