488 matches found
CVE-2026-44582
A flaw was found in Next.js. React Server Component responses are vulnerable to cache poisoning in deployments that use shared caches without proper response partitioning. An attacker can exploit collisions in the rsc cache-busting value to poison cache entries. This allows users to receive...
ROS-20260520-73-0003
A vulnerability in the Picture In Picture technology of Google Chrome browser is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information using a specially crafted...
ROS-20260515-73-0042
A vulnerability in the Picture In Picture technology of Google Chrome browser is associated with incorrect restriction of visualized user interface layers. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information using a specially...
ROS-20260508-73-0018
A vulnerability in the ngxmailsmtpmodule module of the NGINX Plus and NGINX Open Source HTTP server is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote intruder to affect the integrity of protected information...
ROS-20260505-73-0046
A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...
ROS-20260407-73-0034
A vulnerability in the fs/buffer.c component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect the integrity and availability of protected information...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
ROS-20260310-73-0011
A vulnerability in the Digital Credentials component of Google Chrome browser is related to incorrect restriction of visualized user interface layers. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information...
The vulnerability of the Vim text editor arises from the possibility of an operation going beyond the buffer boundaries into memory, allowing an attacker to compromise the integrity of the protected information.
The vulnerability of the Vim text editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected information...
The vulnerability of the ieee80211_probe_client() function in the net/mac80211/cfg.c module of the mac80211 stack in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ieee80211probeclient function in the net/mac80211/cfg.c module of the mac80211 stack in the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the type_show() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the typeshow function in the Linux operating system’s kernel is related to copying buffers without checking the size of the input data a classic buffer overflow attack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
ROS-20260205-73-0013
A vulnerability in the drivers/net/vxlan/vxlancore.c module of the Linux operating systems kernel is related to race condition. Exploitation of the vulnerability may allow an intruder to affect the integrity of protected information...
CVE-2026-0514 Cross-Site Scripting (XSS) vulnerability in SAP Business Connector
Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...
ROS-20251217-7316
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information using a specially crafted HTML pag...
EUVD-2023-35105
Malicious code in bioql PyPI...
EUVD-2024-40876
Malicious code in bioql PyPI...
EUVD-2022-33209
Malicious code in bioql PyPI...
The vulnerability of the ELMED MIS platform, due to deficiencies in access control mechanisms, allows unauthorized access by attackers, thereby compromising the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ELMED MIS platform is related to deficiencies in access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information and compromise its confidentiality, integrity, and accessibility...
ROS-20250801-02
Vulnerability of vfiopcidevindenylist function of Linux kernel is related to uncontrolled resource consumption. resource consumption. Exploitation of the vulnerability could allow an attacker to affect the integrity and availability of protected information...
The vulnerability of the rgxfw_hwr_log_info() function in the Driver Development Kit (DDK) – a set of tools for developing graphics processor drivers – allows a hacker to compromise the integrity of protected information.
The vulnerability of the rgxfwhwrloginfo function in the Driver Development Kit DDK involves a pointer being moved beyond the allocated memory area when processing the psHWRInfoBuf parameter. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected...