react-router 代码问题漏洞

react-router is a declarative routing library for React, open-sourced by Remix. From version 7.0.0 to 7.14.1 of react-router, there are code-related vulnerabilities. These vulnerabilities stem from the possibility of unauthorized remote code execution through external requests under framework mod...

PT-2026-46465

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Type confusion occurs when a program accesses a...

PT-2026-45770

Name of the Vulnerable Software and Affected Versions VIVOTEK INC FD8136-VVTK-0300a affected versions not specified Description A buffer overflow allows a remote attacker to execute arbitrary code via the 'set getparam.cgi' component. A buffer overflow occurs when a program writes more data to a...

PT-2026-46832

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in PDFium allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted PDF file. Use after free is a memory corruption flaw th...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of PDF components after their release, potentially allowing remote attackers to execute arbitrary code ...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Ozone components after their release, which could allow remote attackers to execute arbitrary code...

PT-2026-45829

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.0 Description Using the CookieJar.load function with untrusted input may allow arbitrary code execution. This issue is unlikely to affect many applications as most use this function with the user's own data...

PT-2026-45857

Name of the Vulnerable Software and Affected Versions BrowserStack Runner versions prior to 0.9.6 Description An issue in the / log HTTP handler allows unauthenticated network-adjacent attackers to execute arbitrary code on the host system. The handler processes JSON request bodies by passing...

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

CVE-2026-35717

A stack-based buffer overflow in the exportlanguage.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via a crafted POST request to the /cgi-bin/admin/exportlanguage.cgi endpoint. The handler passes the...

CVE-2026-30649

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the setgetparam.cgi component...

PT-2026-46520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox. This is achieved by convincing a user to perform specific UI gestures while interacting...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of WebML after its release, which could allow remote attackers to execute arbitrary code within a sandb...

EUVD-2026-33966

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the setgetparam.cgi component...

PT-2026-46727

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the ServiceWorker component. This occurs when a user is convinced to install a malicious extension, allowing an attacker to execute arbitrary code throu...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released by ServiceWorker, which could allow attackers to execute arbitrary code...

EUVD-2026-33968

A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device...

PT-2026-46491

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in the Media component, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Type confusio...

PT-2026-46511

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebXR, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46424

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Ozone allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free is a memory corruption flaw that occurs when an applicatio...