OpenCart 安全漏洞

OpenCart is an open-source e-commerce system developed by the OpenCart team in China. This system provides modules for product reviews, product ratings, and product addition. Version 4.0.2.3 of OpenCart contains a security vulnerability, which stems from improper handling of special elements in t...

PT-2026-29457

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.178 Description An object corruption issue in the V8 component of Google Chrome, prior to version 146.0.7680.178, could allow a remote attacker to execute arbitrary code within a sandbox environment...

smart-admin 安全漏洞

Smart-Admin is a rapid development platform developed by individual developers of 1024-lab. Versions of Smart-Admin prior to 3.29 contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter templatecontent in the file...

@openinc/parse-server-opendash (>=3.0.0 <=3.30.0), @servable/parse-server-engine (>=1.6.0 <=1.17.0) +5 more potentially affected by CVE-2026-30850 via parse-server (=8.6.78)

parse-server NPM version =8.6.78 is affected by a known vulnerability. The following packages have a transitive dependency on parse-server and may be impacted: - @openinc/parse-server-opendash =3.0.0, =1.6.0, =1.0.0, =1.0.3, =2.0.0, =2.0.0, =0.0.1, =0.1.0 Source cves: CVE-2026-30850 Source...

CVE-2026-28080

Missing Authorization vulnerability in Rank Math Rank Math SEO PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO PRO: from n/a through 3.0.95...

Chromium: CVE-2026-3543 Inappropriate implementation in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Fedora 44 : chromium (2026-f9edb96182)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f9edb96182 advisory. Update to 145.0.7632.109 CVE-2026-2648: Heap buffer overflow in PDFium CVE-2026-2649: Integer overflow in V8 CVE-2026-2650: Heap buffer overflow in...

CVE-2026-3543

An inappropriate implementation flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=485267831...

OESA-2026-1540 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.CVE-2026-2757 Use-after-free in...

CVE-2026-2331 CVE-2026-2331

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...

CVE-2026-23802

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through = 3.3.2...

CVE-2025-69654

A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...

AlmaLinux 8 : thunderbird (ALSA-2026:3515)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3515 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...

AlmaLinux 10 : thunderbird (ALSA-2026:3517)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3517 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bug...

NewStart CGSL MAIN 6.06 (SP) : docker-ce Vulnerability (NS-SA-2026-0028)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set ...

SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2026:0812-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0812-1 advisory. Update to Firefox Extended Support Release 140.8.0 ESR MFSA 2026-15 bsc1258568: - CVE-2026-2757: Incorrect boundary conditions in the WebRTC:...

MiracleLinux 9 : thunderbird-140.8.0-1.el9_7.ML.1 (AXSA:2026-264:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-264:05 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety...

BDO-Ontology

🧠 OntologyLab !Python 3.11+https://img.shields.io/badge/P...

CVE-2026-20065

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the binder...

CVE-2026-20052

A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a logic error in memory management...