60 matches found
GO-2026-5570 Free5gc NRF is vulnerable to scope validation bypass via maliciously crafted targetNF value in github.com/free5gc/nrf
Free5gc NRF is vulnerable to scope validation bypass via maliciously crafted targetNF value in github.com/free5gc/nrf...
Astra Linux – Vulnerability in WebKit2GTK
This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5, and iPadOS 18.7.5; iOS 26.3 and iPadOS 26.3; macOS Tahoe 26.3; and visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...
Routinator crashes when encountering maliciously crafted RRDP XML files
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...
CVE-2026-44728 Improper Control of Generation of Code when compiling specifically crafted malicious code with @babel/plugin-transform-modules-systemjs
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...
CVE-2026-43656
Apple fixed an out-of-bounds write issue by improving input validation in parsing a malicious file. Affected are iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5. The vulnerability could cause an unexpected app termination. Re...
RLSA-2026:8352 Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Important: bind9.16 security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
CVE-2025-9457 PRT File Parsing Memory Corruption Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2025-9456
A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
EUVD-2021-24632
Malware in sbrugna...
CVE-2025-0695
An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems from the fact...
CVE-2024-23147
CVE-2024-23147 concerns Autodesk AutoCAD memory corruption due to parsing malicious CATPART, X_B and STEP files in ASMKERN228A.dll and ASMKERN229A.dll. The vulnerability is described as a write access violation that, in conjunction with other vulnerabilities, can lead to code execution in the con...
CVE-2024-23443
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack...
CVE-2024-23443
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack...
BIT-GITLAB-2024-2818 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using malicious crafted description parameter for labels...
CVE-2024-23138
A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2024-23126 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
Design/Logic Flaw
A maliciously crafted 3DM file in opennurbs.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...
CVE-2023-50694
An issue in dom96 HTTPbeast v.0.4.1 and before allows a remote attacker to send a malicious crafted request due to insufficient parsing in the parser.nim component...