211 matches found
CVE-2026-6643
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
CVE-2026-40087
LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...
Fortinet多款产品 格式化字符串错误漏洞
Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager Cloud is a cloud-based network management software...
CVE-2026-24108
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...
CVE-2026-24111
CVE-2026-24111 affects the Tenda W20E router (v4.0br_V15.11.0.6). The issue arises when the value of the parameter userInfo is passed to the function addAuthUser and handled by a call to sscanf without proper size validation, which can lead to a buffer overflow . The public descriptions consisten...
CVE-2025-23709
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kiroro Formatted post formatted-post allows Reflected XSS.This issue affects Formatted post: from n/a through = 1.01...
OESA-2025-2558 python-asteval security update
ASTEVAL provides a numpy-aware, safeish 'eval' function Security Fixes: ASTEVAL is an evaluator of Python expressions and statements. Prior to version 1.0.6, if an attacker can control the input to the asteval library, they can bypass asteval s restrictions and execute arbitrary Python code in th...
EUVD-2012-3463
Malware in sbrugna...
EUVD-2020-29313
Malware in sbrugna...
EUVD-2006-0511
Malware in sbrugna...
EUVD-2019-14167
Malware in sbrugna...
EUVD-2021-2103
Malware in sbrugna...
EUVD-2017-11479
Malware in sbrugna...
Planet WGR-500 安全漏洞
The Planet WGR-500 is a WiFi router from Planet Corporation of Taiwan, China. A security vulnerability exists in the Planet WGR-500 v1.3411b190912 version, which stems from a formatted string vulnerability in the formPingCmd function, which could lead to memory corruption...
EUVD-2021-3255
Malicious code in bioql PyPI...
EUVD-2024-24532
Malicious code in bioql PyPI...
EUVD-2025-17645
Malicious code in bioql PyPI...
EUVD-2022-29724
Malicious code in bioql PyPI...
EUVD-2025-3362
Malicious code in bioql PyPI...
CVE-2025-55198
A flaw was found in helm.sh/helm/v3. Improper validation of type errors during parsing of Chart.yaml and index.yaml files can trigger a panic. A remote attacker, requiring user interaction, can trigger this panic via a malformed chart file. This can lead to an application level denial of service...