2134 matches found
CVE-2026-26967
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
CVE-2026-26967
PJSIP Vulnerability CVE-2026-26967: In 2.16 and earlier, the H.264 unpacketizer can overflow the heap when processing malformed SRTP packets, due to reading a 2-byte NAL unit size without validating bounds within the payload. Affected: PJSIP-based applications handling H.264 video streams. Impact...
PT-2026-20971
PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...
2026-02 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5075912)
2026-02 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems KB5075912...
2026-02 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5075912)
2026-02 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems KB5075912...
VulnCheck KEV: CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
Malicious Package
Overview h-jsencrypt is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
Astra Linux – Vulnerability in python-h11
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a lack of strict parsing of line terminators in chunked-coded message bodies in h11 could lead to request smuggling vulnerabilities under certain conditions. This issue has been fixed in version 0.16.0. Since exploiting this...
MINI-775M-722R-3C8H
Bulletin has no description...
EUVD-2026-4517
Malicious code in h-jsencrypt npm...
Malicious code in h-jsencrypt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...
MAL-2026-495 Malicious code in h-jsencrypt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004106)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004106 advisory. In memzeroexplicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure wit...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003996)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003996 advisory. An out-of-bounds memory write flaw was found in how the Linux kernels Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. Th...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000597)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000597 advisory. net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by...
HTTP Request Smuggling
Overview org.webjars.npm:h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to HTTP Request Smuggling via improper parsing of the Transfer-Encoding header in the readRawBody function. An attacker can bypass security controls...
CVE-2026-23527 h3 v1 has Request Smuggling (TE.TE) issue
H3 is a minimal HTTP framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this heade...
2026-01 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5073724)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...
2026-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5073457)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...
2026-01 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5073724)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...