7600 matches found
CVE-2026-48983
pamusb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in per-device and per-user pad directory creation. pamusb uses a check-then-act pattern: it calls lstat to test for existence and then calls mkdir separate...
The vulnerability of the SoapServer class in the PHP programming language involves the use of memory after it is freed. This allows attackers to exploit the vulnerable code to disclose sensitive information or cause service failures.
The vulnerability of the SoapServer class in the PHP programming language is related to the use of memory after it is freed during the processing of the SOAPPERSISTENCESESSION parameter. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information or...
ROS-20260617-73-0027
The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...
ROS-20260617-73-0047
The vulnerability in ImageMagick 7 is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
ROS-20260617-73-0028
The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...
ROS-20260617-73-0048
The vulnerability in ImageMagick is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
EUVD-2025-210170
An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control...
CVE-2026-10831
A denial-of-service vulnerability exists in NPort devices because of improper access control on the command port. The command interface does not properly validate whether a sender is associated with a valid data port session before accepting break signal commands. A remote attacker with network...
CVE-2026-10831
CVE-2026-10831 concerns MOXA NPort serial device servers. The issue is improper access control on the command port: the command interface does not properly verify that the sender is tied to a valid data-port session before accepting break signal commands. A remote attacker with network access can...
EUVD-2026-37043
A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot...
PT-2026-51773
Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.7 Description Multiple security issues affect the Crawl4AI Docker API server across several functional areas: - An authentication bypass in the monitor router allows unauthenticated access to destructive...
PT-2026-49840
Name of the Vulnerable Software and Affected Versions Oracle Data Integrator version 12.2.1.4.0 Oracle Data Integrator version 14.1.2.0.0 Description An issue exists in the Market Place component of the Oracle Data Integrator product of Oracle Fusion Middleware. A low privileged attacker with...
PT-2026-49966
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager APM - Application Performance Management version 13.5 Oracle Enterprise Manager APM - Application Performance Management version 24.1 Description An issue exists in the JADM and JVM Diagnostics components of the APM -...
ROS-20260616-73-0023
The vulnerability in ImageMagick 7 is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
mysql: JSON unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access v...
ROS-20260615-73-0031
The vulnerability of the updatereadcachebitmaporder function in the RDP client FreeRDP is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failure...
The vulnerability of the CheckKeyTypes() function in the Wayland protocol implementation for X.Org XWaylan, as well as in the X.Org Server implementation of the X Window System, allows a malicious actor to escalate their privileges and cause service failures.
The vulnerability of the CheckKeyTypes function in the Wayland protocol for X.Org XWaylan, as well as in the X.Org Server, is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to gain increased privileges and cause service...
EUVD-2026-36529
The Naxclow platform API that returns device relay registration details exposes a persistent credential without verifying that the requester is the legitimate device or owner. An actor able to present a platform-valid request signature can retrieve credentials for arbitrary devices and register o...
CVE-2026-11846
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...
CVE-2026-47166
A flaw was found in ImageMagick, a widely used software for image editing. An attacker with high privileges and local access could exploit a vulnerability in the magick -distribute-cache service. By causing a heap buffer over-read, this could lead to the disclosure of sensitive information and...