96 matches found
CVE-2026-53467
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versio...
CVE-2026-11651 vulnerabilities
Vulnerabilities for packages: chromium...
PT-2026-46346
Unauthenticated Local File Inclusion in Wanium = 1.9.8 versions...
PT-2026-46326
Unauthenticated Local File Inclusion in Raider Spirit = 1.1.2 versions...
CVE-2026-8973
Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8953 Sandbox escape due to use-after-free in the Disability Access APIs component
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8946
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-27211
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
PT-2026-21357
Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 34.0 through 50.0 Description Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block...
PT-2026-1959
Name of the Vulnerable Software and Affected Versions Asseco InfoMedica versions prior to 4.50.1 Asseco InfoMedica versions prior to 5.38.0 Description Asseco InfoMedica stores user passwords in an encoded format within a database. An attacker with access to these encoded passwords can decode the...
Mozilla Firefox < 51.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 51.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-01 advisory. - A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired...
Malicious code in bitha-51 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 146504a69ebd3f3dc97a4976f2268db27b464079718103ab3a3f9dba2471f7dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-165035 Malicious code in rival-poke51 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08ef17468e670783fdd21a1cc3063467cd0fa89df38656a40b026e1d5d5276f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
ClipBucket SQL注入漏洞
ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A SQL injection vulnerability exists in ClipBucket v5 versions 5.5.2 through 151 and earlier, which originates from a certified administrator with plugin management...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.51 CNF IBU extras update
An update for ibu components is available for Red Hat OpenShift Container Platform 4.16. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra ibu container...
StarNet FastX 安全漏洞
StarNet FastX is a remote desktop software from StarNet USA. A security vulnerability exists in StarNet FastX 4.1.51 and prior versions that stems from a path traversal flaw that could allow an unauthenticated attacker to read arbitrary files...
AI Forensics Help Europol Track 51 Children in Global Online Abuse Case
Europol and 18 countries used AI forensics to identify 51 child victims and 60 suspects in a global online abuse investigation...
Adversarial Bug Reports As a Security Risk in Language Model-Based Automated Program Repair
Large Language Model LLM - based Automated Program Repair APR systems are increasingly integrated into modern software development workflows, offering automated patches in response to natural language bug reports. However, this reliance on untrusted user input introduces a novel and underexplored...