605 matches found
CVE-2026-31626
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...
CVE-2026-31626 staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...
CVE-2026-31626 staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...
CVE-2026-25874 LeRobot Unsafe Deserialization Remote Code Execution via gRPC
LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...
Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689...
SUSE CVE-2026-31053
A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
CVE-2026-31053
A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
CVE-2026-31053
A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
CVE-2026-31053
A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
PT-2026-30615
A double free vulnerability exists in librz/bin/format/le/le.c in the function le load fixup record. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
EUVD-2026-14949
IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...
CVE-2026-1995
IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...
PT-2026-27472
Name of the Vulnerable Software and Affected Versions IDrive versions affected versions not specified Description The id service.exe process operates with elevated privileges and routinely reads files located in the C:ProgramDataIDrive directory. These files, encoded in UTF16-LE, are used as...
EUVD-2026-9729
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...
CVE-2026-28069
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...
CVE-2026-28069 WordPress Le Truffe theme <= 1.1.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...
CVE-2026-28069
CVE-2026-28069 is a Local File Inclusion vulnerability in the WordPress theme Le Truffe (≤ 1.1.7) stemming from improper control of filename for include/require statements in PHP. The issue allows PHP Local File Inclusion and has a high overall impact (CVSS v3.1: 8.1, High; network attack vector,...
CVE-2026-28069 WordPress Le Truffe theme <= 1.1.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...
PT-2026-23349
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...
WordPress plugin Le Truffe 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...