2938 matches found
Astra Linux – Vulnerability in LibreOffice
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so that it does not match the denylist, resulting in ShellExecute attempting to launch an executable file...
Astra Linux – Vulnerability in exiv2
A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service DOS...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A NULL pointer dereference occurs during the removal of a device. During the suspend and resume cycles, the removal and rescan of devices can lead to NULL pointer dereferences. During driver initialization, if th...
Dot-only cookie domains match all hosts
Impact CookieJar incorrectly accepts cookies with a dot-only Domain attribute, such as Domain=., Domain=.., Domain=..., and whitespace-padded variants such as Domain= . . In affected versions, SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the...
CVE-2026-53859
OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons using trailing-dot notation in model or workspace-derived URLs. Attackers can exploit inconsistent hostname checks to reach destinations that operators intended to block throu...
CVE-2026-53859
Technical details (affected components, root cause, specific versions, exploitation) are not publicly available in the provided documents. Monitor for updates.
BIT-PARSE-2026-53724 Parse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1, the default file upload extension blocklist can be bypassed by appending a trailing dot to a filename whose extension would otherwise be blocked e.g. poc.svg...
PT-2026-49776
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.26 Description An issue exists in hostname validation where trailing-dot notation in model or workspace-derived URLs can be used to bypass blocklist comparisons. This occurs because hostname checks treat hosts...
CVE-2026-40798
Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...
GHSA-H5X3-XFC9-M39H Symfony: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization
Description Symfony\Component\Routing\Generator\UrlGenerator::doGenerate percent-encodes . and .. path segments so that the generated URL still resolves to the originating route after RFC 3986 §5.2.4 dot-segment removal which strict RFC-3986 consumers — routers, reverse proxies, HTTP clients —...
Symfony: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization
Description Symfony\Component\Routing\Generator\UrlGenerator::doGenerate percent-encodes . and .. path segments so that the generated URL still resolves to the originating route after RFC 3986 §5.2.4 dot-segment removal which strict RFC-3986 consumers — routers, reverse proxies, HTTP clients —...
GHSA-FX2H-PF6J-XCFF vite: `server.fs.deny` bypass on Windows alternate paths
Summary The contents of files that are specified by server.fs.deny can be returned to the browser on Windows. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - the sensitive file...
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program PUP family. The cluster spans 38 separate Chrome Web Store publisher accounts and three brand backends: tabplugins.com,...
PT-2026-49217
WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Attackers can supply file paths with directory traversal sequences or null byte injection to the gatewa...
RLSA-2026:25220 Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...
CVE-2026-53609
ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, apos.util.set traverses dot-notation paths without sanitizing proto, allowing an authenticated editor to write arbitrary values to Object.prototype via the $pullAll patch operator. A confirm...
CVE-2025-7008 Avast antivirus heap buffer OOB read when scanning a malformed PE file
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast...
EUVD-2026-36590
ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, apos.util.set traverses dot-notation paths without sanitizing proto, allowing an authenticated editor to write arbitrary values to Object.prototype via the $pullAll patch operator. A confirm...
CVE-2026-53724
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1-alpha.4, the default file upload extension blocklist can be bypassed by appending a trailing dot to a filename whose extension would otherwise be blocked e.g...
CVE-2026-53724 Parse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1-alpha.4, the default file upload extension blocklist can be bypassed by appending a trailing dot to a filename whose extension would otherwise be blocked e.g...