CVE-2026-30574

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...

PT-2026-4545

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, an integer overflow exists in the CheckHeader...

CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

cipher-base 安全漏洞

cipher-base is an abstract base class for cryptographic streams in the Browserify open source. A security vulnerability exists in cipher-base version 1.0.4 and earlier, which stems from improper input validation and could lead to tampering of input data...

CVE-2024-32477 Race condition when flushing input stream leads to permission prompt bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. By using ANSI escape sequences and a race between libc::tcflush0, libc::TCIFLUSH and reading standard input, it's possible to manipulate the permission prompt and force it to allow an unsafe action regardless of the...

security flaw

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by 1 inserting the target filename into a text box, then turning that box into a file upload control, or 2 changing the type of the...