588861 matches found
MAL-2026-5464 Malicious code in db-xorma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1428486c71a3cd7d89ea90a17631bb5dc0fee7e11a6cbb4d8029a8b25268c7d2 db-xorma advertises itself as a reactive in-memory database library. When a consumer creates any Model instance the documented entry point, the...
Malicious code in db-dx-connector (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a6cd3a84c38e801823eba4ccf0d4ff2a28f5955309bfb300f7f0f640b1a69b db-dx-connector is a name-transposition of the legitimate divblox package dx-db-connector the package.json even points repository.url at...
MAL-2026-5463 Malicious code in db-dx-connector (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a6cd3a84c38e801823eba4ccf0d4ff2a28f5955309bfb300f7f0f640b1a69b db-dx-connector is a name-transposition of the legitimate divblox package dx-db-connector the package.json even points repository.url at...
Exploit for Integer Overflow or Wraparound in Google Android
CVE-2025-48595 - Android Framework Integer Overflow Vulnerabil...
CVE-2026-48306
Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-48305
Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-47908
Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-47906
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...
CVE-2026-34709
Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
DEBIAN-CVE-2026-11822
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...
CVE-2026-11822
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...
CVE-2026-11824
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...
Malicious code in tailwind-form (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a2959fd43465328b090afd0464e0e3de0e1677ecd2068d4ef05bdfe5867b79 tailwind-form is a typosquat of the legitimate @tailwindcss/forms plugin README and repository field are copied from tailwindlabs/tailwindcss-forms,...
MAL-2026-5487 Malicious code in tailwind-form (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a2959fd43465328b090afd0464e0e3de0e1677ecd2068d4ef05bdfe5867b79 tailwind-form is a typosquat of the legitimate @tailwindcss/forms plugin README and repository field are copied from tailwindlabs/tailwindcss-forms,...
CVE-2026-47937 Acrobat Reader | Uncontrolled Search Path Element (CWE-427)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
CVE-2026-47937 Acrobat Reader | Uncontrolled Search Path Element (CWE-427)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
CVE-2026-47937
CVE-2026-47937 affects Adobe Acrobat Reader up to version 24.001.30365 and 26.001.21651 (and earlier). The issue is an Uncontrolled Search Path Element (CWE-427) that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction : a victim must o...
EUVD-2026-35826
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
CVE-2026-47918
Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is affected by a Use After Free (CWE-416) vulnerability that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction: the victim must open a malicious file. The CVSSv3.1 vector report...
CVE-2026-47916 Acrobat Reader | Use After Free (CWE-416)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...