114676 matches found
ECHO-F940-3352-DC67
Bulletin has no description...
EUVD-2026-37008
Slim has Reflected XSS in the HtmlErrorRenderer...
DEBIAN-CVE-2026-56379
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...
DEBIAN-CVE-2026-56115
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
DEBIAN-CVE-2026-56113
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...
DEBIAN-CVE-2026-56114
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...
DEBIAN-CVE-2026-11940
tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...
DEBIAN-CVE-2026-56968
GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsaslntlmclientstep in the NTLM client, which could result in memory disclosure via a crafted server...
DEBIAN-CVE-2026-57053
GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idnatounicodeinternal. The affected code is not present in libidn2...
CGA-7MFV-W6HR-8FV2
Bulletin has no description...
CGA-6FHH-QHC9-7M53
Bulletin has no description...
MINI-HJC7-62JP-Q9CW
Bulletin has no description...
MINI-7H5M-H97F-P672
Bulletin has no description...
MINI-W7GP-VQ3F-5PVP
Bulletin has no description...
ECHO-3B67-4BD3-D8BE
Bulletin has no description...
ECHO-D1AC-9337-96AB
Bulletin has no description...
ECHO-C85B-77DD-0D28
Bulletin has no description...
ECHO-F4DA-5CDF-F6C3
Bulletin has no description...
ECHO-B9F2-2C14-64AB
Bulletin has no description...
ECHO-2791-8592-919C
Bulletin has no description...