193 matches found
ROOT-OS-UBUNTU-2404-CVE-2026-53140 CVE-2026-53140 in rootio-linux - Patched by Root
Root has patched CVE-2026-53140 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21820 CVE-2025-21820 in rootio-linux - Patched by Root
Root has patched CVE-2025-21820 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
CVE-2026-10653
The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...
Astra Linux – Vulnerability in ffmpeg
In FFmpeg 4.4, the file libavcodec/dnxhddec.c does not check the return value of the initvlc function. This is a similar issue to CVE-2013-0868...
CVE-2026-56024 WordPress WP EasyPay plugin <= 4.5.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal WP EasyPay allows Cross Site Request Forgery. This issue affects WP EasyPay: from n/a through 4.5.0...
EUVD-2026-36971
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
CVE-2026-40727
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability
Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...
PT-2026-49241
Zephyr's native TCP stack iterates the global connection list in net tcp foreach subsys/net/ip/tcp.c using the SYS SLIST FOR EACH CONTAINER SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp lock while invoking the per-connection callback and...
CVE-2026-11448
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...
PT-2026-47169
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...
PT-2026-47171
A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument dev name results in command injection. It is possible to initiate the attack...
CVE-2026-7379
Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
[SECURITY] Fedora 44 Update: perl-Cpanel-JSON-XS-4.41-1.fc44
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...
SUSE CVE-2026-7736
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...
SUSE CVE-2026-7737
A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...
CVE-2026-44068
Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...
Netatalk 操作系统命令注入漏洞
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.2.1 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...
Astra Linux – Vulnerability in ffmpeg
In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...
UBUNTU-CVE-2026-8430
SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability through specific nginx...