CVE-2026-34983

A flaw was found in Wasmtime, a runtime for WebAssembly. This vulnerability allows for a use-after-free condition when a host application incorrectly clones and then drops a wasmtime::Linker instance before its cloned counterpart is used. This can lead to unpredictable program behavior and...

EUVD-2020-7220

Malware in sbrugna...

CVE-2025-27657

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Code Execution V-2023-008...

CVE-2023-6542

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL...

CVE-2020-15224 Socket syscalls can leak enclave memory contents in Open Enclave

In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host application. An attacker who successfully exploited the vulnerability could read privileged data from the...

openSUSE Security Update : dpdk (openSUSE-2020-1599)

This update for dpdk fixes the following issues : - dpdk was updated to 19.11.4 - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14 377,CVE-2020-14378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host VM Escape, reading...

SUSE-SU-2020:2770-1 Security update for dpdk

This update for dpdk fixes the following issues: - dpdk was updated to 19.11.4 - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host VM Escape, reading ho...

Design/Logic Flaw

In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface ABI for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an...

Open Enclave SDK Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information stored in the Enclave. To exploit this vulnerability, an attacker would have to successful...

Design/Logic Flaw

The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service block pool overflow via malformed Wi-Fi packets during identification of available Wi-Fi networks...

CVE-2019-6496

The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service block pool overflow via malformed Wi-Fi packets during identification of available Wi-Fi networks...

GNU gcc Denial of Service Vulnerability

GNU gcc GNU Compiler Collection is an open source compiler for programming languages developed by the GNU Project. A security vulnerability exists in the libiberty demangler library of GNU gcc. An attacker could exploit the vulnerability to read array index values in mangled strings, crashing the...

LinPHA 0.9.x/1.0 forth_stage_install.php language Variable POST Method Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16592/info LinPHA is prone to multiple local file-inclusion and PHP code-injection vulnerabilities. The local file-inclusion issues are due to insecure use of the 'includeonce' PHP function in multiple scripts. The PHP...

Blog Torrent btdownload.php file Variable Traversal Arbitrary File Retrieval

There is a remote directory traversal vulnerability in log Torrent, a web-based application that allows users to host files for Bit Torrents. A malicious user can leverage this issue by requesting files outside of the web server root directory with directory traversal strings such as '../'. This...

Viralator CGI Script Arbitrary Command Execution

The CGI 'viralator.cgi' is installed. Some versions of this CGI are don't check properly the user input and allow anyone to execute arbitrary commands with the privileges of the web server. No flaw was tested. Your script might be a safe version. %NASLMINLEVEL 70300 C Tenable Network Security, In...

Bug in MAS90 Accounting Platform remote access?

Greetings, Not sure if any previous issues with this application have surfaced here, but I've run Sage Software's MAS 200 is an accounting platform which can be configured to permit remote access to server-side data over TCP/IP. A host application listens for connections on the server, and all...