
1477 matches found

OSV
added 2026/01/13 9:15 p.m. | 3 views

CVE-2026-0528

Improper Validation of Array Index (CWE-129) in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...

7.5 CVSS | 5.6 AI score
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/10 5:41 a.m. | 3 views

CVE-2026-22712

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation. This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...

4.3 CVSS | 6.9 AI score | 0.00011 EPSS
Exploits: 1 | References: 1
OSV
added 2026/01/09 6:52 p.m. | 5 views

GHSA-JRMJ-C5CX-3CW6 Angular has XSS Vulnerability via Unsanitized SVG Script Attributes

A Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG elements as a Resource URL context. In a standard security model,...

8.5 CVSS | 6.1 AI score | 0.0001 EPSS
Exploits: 1 | References: 7
RedhatCVE
added 2026/01/09 8:36 a.m. | 20 views

CVE-2020-12498

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

7.8 CVSS | 7.8 AI score | 0.00682 EPSS
Exploits: 0 | References: 1
NVD
added 2026/01/09 12:15 a.m. | 3 views

CVE-2026-22712

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation. This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...

4.3 CVSS | 0.00011 EPSS
Exploits: 1 | References: 2
CVE
added 2026/01/09 12:6 a.m. | 7 views

CVE-2026-22712

The CVE-2026-22712 issue affects the MediaWiki extension ApprovedRevs. A flaw in ParserAfterTidy causes improper encoding/escaping of output due to magic word replacement, enabling input data manipulation. Affected versions are 1.39 through 1.45. The reported impact is limited to data handling vi...

4.3 CVSS | 6.5 AI score | 0.00011 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2026/01/09 12:6 a.m. | 22 views

CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation. This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...

2.3 CVSS | 0.00011 EPSS
Exploits: 1 | References: 2
Vulnrichment
added 2026/01/09 12:6 a.m. | 3 views

CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation. This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...

2.3 CVSS | 6.5 AI score | 0.00011 EPSS
Exploits: 1 | References: 2
CNNVD
added 2026/01/09 12:0 a.m. | 2 views

Mediawiki - ApprovedRevs Extension security vulnerability

Mediawiki - ApprovedRevs Extension is an open source content quality control plugin for Mediawiki. A security vulnerability exists in Mediawiki - ApprovedRevs Extension versions 1.45, 1.44, 1.43, and 1.39, which stems from improper output encoding or escaping, and could lead to input data...

4.3 CVSS | 6.7 AI score | 0.00011 EPSS
Exploits: 1 | References: 3
Vulnrichment
added 2026/01/06 10:48 p.m. | 2 views

CVE-2025-47335 Buffer Copy Without Checking Size of Input in Camera Driver

Memory corruption while parsing clock configuration data for a specific hardware type...

6.7 CVSS | 6.7 AI score | 0.00014 EPSS
Exploits: 0 | References: 1
Redos
added 2025/12/23 12:0 a.m. | 5 views

ROS-20251223-7307

Vulnerability in python3 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.3 CVSS | 6.7 AI score | 0.00125 EPSS
Exploits: 0
Redos
added 2025/12/23 12:0 a.m. | 4 views

ROS-20251223-7309

Vulnerability in python3.11 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.3 CVSS | 6.7 AI score | 0.00125 EPSS
Exploits: 0
CVE
added 2025/12/18 9:15 p.m. | 15 views

CVE-2025-34450

The CVE-2025-34450 entry affects merbanan/rtl_433 up to version 25.02 and before commit 25e47f8. The root cause is a stack-based buffer overflow in parse_rfraw() located in src/rfraw.c when processing crafted or oversized raw RF input, leading to memory corruption or a crash. Impact is described ...

7.8 CVSS | 6.9 AI score | 0.0003 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Positive Technologies
added 2025/12/18 12:0 a.m. | 5 views

PT-2025-52352

Name of the Vulnerable Software and Affected Versions: merbanan/rtl_433 versions up to and including 25.02 and prior to commit 25e47f8. Description: The software contains a stack-based buffer overflow in the parse_rfraw function, located in src/rfraw.c. Processing crafted or excessively large raw RF...

7.8 CVSS | 6.9 AI score | 0.0003 EPSS
Exploits: 1 | References: 10
RedHat Linux
added 2025/12/04 7:41 a.m. | 2 views

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

7.3 CVSS | 5.9 AI score | 0.00014 EPSS
Exploits: 0 | References: 5
EUVD
added 2025/11/25 5:59 p.m. | 2 views

EUVD-2025-199627

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

5.7 CVSS | 5.8 AI score | 0.00009 EPSS
Exploits: 0 | References: 3
Vulnrichment
added 2025/11/25 5:59 p.m. | 2 views

CVE-2025-33194

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

5.7 CVSS | 6 AI score | 0.00009 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2025/11/25 1:7 p.m. | 3 views

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

7.3 CVSS | 5.9 AI score | 0.00014 EPSS
Exploits: 0 | References: 5
RedHat Linux
added 2025/11/25 7:56 a.m. | 3 views

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

7.3 CVSS | 5.9 AI score | 0.00014 EPSS
Exploits: 0 | References: 5
Positive Technologies
added 2025/11/25 12:0 a.m. | 3 views

PT-2025-48055

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

5.7 CVSS | 6.3 AI score | 0.00009 EPSS
Exploits: 0 | References: 3