7989 matches found
PT-2026-6339
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23476
FacturaScripts is open-source enterprise resource planning and accounting software. Prior to 2025.8, there a reflected XSS bug in FacturaScripts. The problem is in how error messages get displayed. Twig's | raw filter is used, which skips HTML escaping. When triggering a database error like passi...
CVE-2026-23476
Summary: CVE-2026-23476 affects FacturaScripts prior to 2025.8, due to a reflected XSS in error messages rendered with Twig’s raw filter. The bug arises when a database error includes user input (e.g., via the code parameter in endpoints like /EditProducto?code=) and the template Core/View/Macro/...
CVE-2026-23476
FacturaScripts is open-source enterprise resource planning and accounting software. Prior to 2025.8, there a reflected XSS bug in FacturaScripts. The problem is in how error messages get displayed. Twig's | raw filter is used, which skips HTML escaping. When triggering a database error like passi...
FacturaScripts is Vulnerable to Reflected XSS
Reflected XSS via SQL Error Messages Summary A reflected XSS bug has been found in FacturaScripts. The problem is in how error messages get displayed - it's using Twig's | raw filter which skips HTML escaping. When a database error is triggered like passing a string where an integer is expected,...
CVE-2025-47397
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors...
EUVD-2025-206609
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors...
ROS-20260202-73-0056
A vulnerability in the bpftrace.c component of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260202-73-0028
A vulnerability in the microchip component of the Linux operating system kernel is related to resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities, which stem from improper handling of modem errors. These vulnerabilities may lead to remote denial-of-service attacks...
EulerOS Virtualization 2.10.0 : libssh (EulerOS-SA-2026-1178)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect...
CVE-2026-1600
A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business log...
CVE-2026-1599
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
CVE-2026-24054
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...
AZL-75770 CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...
CVE-2026-1599
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
CVE-2026-1599
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
CVE-2026-1600 Bdtask Bhojon All-In-One Restaurant Management System Add-to-Cart Submission Endpoint addtocart logic error
A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business log...
CVE-2026-1600
A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business log...
EUVD-2026-4965
A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business log...