CVE-2026-3994

This CVE affects rui314 mold up to 2.40.4, specifically mold::ObjectFilemold::X86_64::initialize_sections in src/input-files.cc. Local manipulation can trigger a heap-based buffer overflow. An exploit is public and information indicates non-responsiveness from the project after disclosure. No rem...

DEBIAN-CVE-2026-3388

A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been made public and could...

CVE-2026-2662

CVE-2026-2662 affects FascinatedBox Lily up to version 2.3. The vulnerability is in function count_transforms of src/lily_emitter.c, where manipulation leads to an out-of-bounds read. Exploitation is local, and public PoC/ exploit material exists. Reports indicate the project was informed via iss...

CVE-2025-14698 atlaszz AI Photo Team Galleryit App gallery.photogallery.pictures.vault.album path traversal

A weakness has been identified in atlaszz AI Photo Team Galleryit App 1.3.8.2 on Android. This affects an unknown part of the component gallery.photogallery.pictures.vault.album. This manipulation causes path traversal. The attack needs to be launched locally. The exploit has been made available ...

EUVD-2025-36060

A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function checkservers of the file src/network.c of the component Config File Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been mad...

CVE-2025-9134 AfterShip Package Tracker App com.aftership.AfterShip AndroidManifest.xml improper export of android application components

A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. T...

Linux Distros Unpatched Vulnerability : CVE-2025-2925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. T...

ALPINE-CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...

CVE-2025-8846 NASM Netwide Assember parser.c parse_line stack-based overflow

A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parseline of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...

CVE-2025-8734

GNU Bison up to 3.8.2 contains a vulnerability in function code_free (src/scan-code.c) that can cause a double free. Exploitation appears to be locally actionable; the exploit has been disclosed, but the actual existence of this issue is disputed as reproductions from a GNU Bison 3.8.2 tarball in...

CVE-2025-6858

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5Cflushsingleentry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVE-2025-2926

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

CVE-2025-2913

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...

CVE-2025-0221 IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference

A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached...

CVE-2023-2875

A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on...