UBUNTU-CVE-2026-43860

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

CVE-2026-20450

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...

CVE-2026-20450

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...

CVE-2026-20450

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...

CVE-2026-20450

CVE-2026-20450 affects the Modem component. The issue is a crash caused by incorrect error handling, which can lead to remote denial of service if a user equipment connects to a rogue base station controlled by an attacker. No user interaction is required; exploitation is scoped to adjacent acces...

CVE-2026-43859

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...

Malicious code in @b2b_blocker/hide_activation_error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cbbf4ca3aa2fddd7145289bbf2f3ee83ef30e0fb6aa1163f465c4175cd22aec The package @b2bblocker/hideactivationerror was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @activationcode/error is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-3318 Malicious code in @b2b_blocker/hide_activation_error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cbbf4ca3aa2fddd7145289bbf2f3ee83ef30e0fb6aa1163f465c4175cd22aec The package @b2bblocker/hideactivationerror was found to contain malicious code. Source: ghsa-malware...

CVE-2026-7371

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this...

Assimp 缓冲区错误漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Version 6.0.2 of Assimp contains a buffer error vulnerability, which originates from the FBXConverter::ConvertMeshMultiMaterial component in FBXConverter.cpp. This vulnerability...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from the improper handling of format errors in response frames during wireless roaming. The invalid header structure of these fram...

PT-2026-37171

Name of the Vulnerable Software and Affected Versions Argo Workflows versions 4.0.0 through 4.0.4 Description A nil pointer dereference in the rbacAuthorization function within server/auth/gatekeeper.go can lead to a denial of service for SSO users. This occurs when SSO DELEGATE RBAC TO NAMESPACE...

PT-2026-37111

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.44 Traefik versions prior to 3.6.15 Traefik versions prior to 3.7.0-rc.3 Description An information disclosure issue exists in the errors custom error pages middleware. When a backend returns a response matching...

GoBGP 缓冲区错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a buffer error vulnerability; this vulnerability stems from an out-of-bounds read in the ParseIP6Extended function, which could allow attackers to cause denial-of-service...

GoBGP 缓冲区错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a buffer error vulnerability. This vulnerability stems from a buffer overflow in the function PathAttributeAigp.DecodeFromBytes within the AIGP Attribute Parser...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities, which stem from improper error handling and may lead to remote denial-of-service attacks...

MediaTek Chipsets 缓冲区错误漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. MediaTek Chipsets have a buffer error vulnerability, which stems from the lack of boundary checks. This vulnerability may lead to an increase in local privileges...

PT-2026-36768

Name of the Vulnerable Software and Affected Versions MediaTek MT2735 affected versions not specified Description Incorrect error handling in the Modem can cause a system crash. This allows a remote denial of service if a User Equipment UE connects to a rogue base station controlled by an attacke...

Apache HTTP Server 缓冲区错误漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Versions of Apache HTTP Server 2.4.66 and earlier contain a buffer error vulnerability, which...