3782 matches found
CVE-2026-34478
Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.htmlRFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two distinct issues affect user...
Exploit for Stack-based Buffer Overflow in Samsung Exynos_980_Firmware
CVE-2025-54328 — Samsung Exynos SMS RP-DATA Stack Buffer Overf...
PT-2026-31982
Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML 1.0...
Apache Log4j 安全漏洞
Apache Log4j is an open-source logging tool based on Java, developed by the Apache Foundation in the United States. Versions of Apache Log4j Core 2.25.3 and earlier contain security vulnerabilities. These vulnerabilities stem from XmlLayout failing to clean out characters prohibited by the XML 1....
Apache Log4j 安全漏洞
Apache Log4j is an open-source logging tool based on Java, developed by the Apache Foundation in the United States. Versions of Apache Log4j JSON Template Layout 2.25.3 and earlier contain security vulnerabilities. These vulnerabilities arise from the JsonTemplateLayout generating invalid JSON...
📄 XiboCMS 3.3.4 Traversal / Code Execution
XiboCMS version 3.3.4 zip slip exploit that leverages path traversal and arbitrary file upload vulnerabilities to achieve code execution. Exploit Title: XiboCMS 3.3.4- Remote Code Execution Google Dork: N/A Date: 2025-11-18 Exploit Author: complexusprada Vendor Homepage: https://xibo.org.uk/...
Inefficient Algorithmic Complexity
Overview @chenglou/pretext is a Fast, accurate & comprehensive text measurement & layout Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the isRepeatedSingleCharRun function during text analysis. An attacker can cause significant performance...
CVE-2026-35525
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...
CVE-2026-35525 LiquidJS has a root restriction bypass for partial and layout loading through symlinked templates
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...
CVE-2026-35525 LiquidJS has a root restriction bypass for partial and layout loading through symlinked templates
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...
CVE-2026-35525
CVE-2026-35525 affects LiquidJS and involves a root restriction bypass for partial and layout loading via symlinked templates. The issue arises because the code checks the candidate path against allowed partials/layouts directories using a path-based check, not the canonical real filesystem path....
EUVD-2026-20594
LiquidJS: Root restriction bypass for partial and layout loading through symlinked templates...
CLSA-2026-1775655363 kernel: Fix of 9 CVEs
ovl: Filter invalid inodes with missing lookup function CVE-2024-56570 - ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 - media: imon: reorganize serialization CVE-2025-39993 - usb: xhci: Fix inverted ringxrunevent check in handletxevent CVE-2025-37882 - Revert "VFS: Impose ordering...
PT-2026-31349
Summary LiquidJS enforces partial and layout root restrictions using the resolved pathname string, but it does not resolve the canonical filesystem path before opening the file. A symlink placed inside an allowed partials or layouts directory can therefore point to a file outside that directory a...
xibocms 3.3.4 - RCE
Exploit Title: XiboCMS 3.3.4- Remote Code Execution Google Dork: N/A Date: 2025-11-18 Exploit Author: complexusprada Vendor Homepage: https://xibo.org.uk/ Software Link: https://github.com/xibosignage/xibo-cms Version: 1.8.0 - 2.3.16, 3.0.0 - 3.3.4 Tested on: Ubuntu Linux Docker, Xibo CMS 3.3.4...
firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Layout: Text and Fonts component...
firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Layout: Text and Fonts component...
OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients
Summary Before OpenClaw 2026.4.2, the Gateway connect success snapshot exposed local configPath and stateDir metadata to non-admin clients. Low-privilege authenticated clients could learn host filesystem layout and deployment details that were not needed for their role. Impact A non-admin client...
CVE-2018-25255 10-Strike LANState 8.8 Local Buffer Overflow SEH
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...
Defending Buffer Overflows in WebAssembly: A Transpiler Approach
WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a WebAssembly transpiler to prevent buffer overflows in the unmanaged...