CVE-2026-7233

Technical details about CVE-2026-7233 are not publicly available in the provided documents; monitor for updates.

CVE-2026-7233 Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

adsprpc Refcount Leak / Use-After-Free

adsprpc suffers from a refcount leak that leads to a use-after-free condition in fastrpcgetprocessgids...

This Week in Spring - May 14th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! This week's highlights in the Spring ecosystem emphasize the ongoing advancements and applications of Spring AI. The discussions range from exploring the impressive VectorStore abstraction and enhanced structured output suppo...

EulerOS Virtualization 3.0.2.6 : samba (EulerOS-SA-2021-2883)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN...

EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2021-2179)

According to the version of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-2079)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

Design/Logic Flaw

The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...

SYS.1.3.A2

Jeder Login-Name, jede Benutzer-ID User-ID, UID und jede Gruppen-ID GID DARF NUR einmal vorkommen. Jeder Benutzer MUSS Mitglied mindestens einer Gruppe sein. Jede in der Datei /etc/passwd vorkommende GID MUSS in der Datei /etc/group definiert sein. Jede Gruppe SOLLTE nur die Benutzer enthalten, d...

OSV-2018-179 Heap-buffer-overflow in OT::post::accelerator_t::cmp_gids

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11290 Crash type: Heap-buffer-overflow READ 5 Crash state: OT::post::acceleratort::cmpgids sortrcmpswap sortrsimple...

CVE-2019-15901

An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext3 call with flags to change the UID, primary GID, and secondary GIDs was replaced on certain platforms: Linux and possibly NetBSD with a single setuid2 call. This resulted in neither...

Linux: Duplicated GIDs

Duplicated GIDs can occur after modifying Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...

Amazon Linux 2 : kernel (ALAS-2018-956) (Dirty COW) (Spectre)

Stack-based out-of-bounds read via vmcall instruction Linux kernel compiled with the KVM virtualization CONFIGKVM support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose...

Knauf doe-het-zelf gids - Customized SSL, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Knauf doe-het-zelf gids published at the 'play' market has multiple vulnerabilities...

gids-was.de XSS vulnerability

Open Bug Bounty ID: OBB-47442 Description| Value ---|--- Affected Website:| gids-was.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

CentOS Update for cifs-utils CESA-2012:0902 centos6

Check for the Version of cifs-utils OpenVAS Vulnerability Test CentOS Update for cifs-utils CESA-2012:0902 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS 6 : cifs-utils (CESA-2012:0902)

An updated cifs-utils package that fixes one security issue, multiple bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score,...

RedHat Update for cifs-utils RHSA-2012:0902-04

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-1999-1308

The CVE-1999-1308 issue affects HP-UX 10.20 where several programs do not properly handle large user IDs (UID) or group IDs (GID) above 60000, enabling local privilege escalation. Root cause: improper handling of high UID/GID values in affected programs. Impact as described: local privilege eleva...