1040 matches found
EUVD-2026-9500
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...
CVE-2026-26002 OnDemand susceptible to malicious input when navigating to a directory.
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service
Summary IBM Event Streams is vulnerable to a denial of service due to non‑linear parsing of malicious input. CVE-2024-45338 Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length...
Open OnDemand 注入漏洞
Open OnDemand is an open-source software developed by the Ohio Supercomputer Center, designed for open-ended interactive HPC through web-based interfaces. Versions of Open OnDemand prior to 4.0.9 and 4.1.3 contained a vulnerability due to improper handling of malicious inputs by the Files...
PT-2026-23070
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...
PT-2026-23028
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a browser that is accessin...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14276)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...
CLSA-2026-1771855171 glib2: Fix of CVE-2025-14087
CVE-2025-14087: fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...
CLSA-2026-1771854372 glib2: Fix of CVE-2025-14087
CVE-2025-14087: fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...
glib2: Fix of CVE-2025-14087
CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...
CLSA-2026-1771579997 glib2: Fix of CVE-2025-14087
CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...
CVE-2025-33239
NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2026-27074
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vaakash Shortcoder shortcoder allows Stored XSS.This issue affects Shortcoder: from n/a through = 6.5.1...
PT-2026-20406
NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...
PT-2026-20400
Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge affected versions not specified Description The software contains a flaw in a data merging tutorial that could allow code injection with malicious input. Exploitation of this issue may lead to code execution, privilege...
PT-2026-20401
Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge affected versions not specified Description The software contains a flaw in a data shuffling tutorial that could allow code injection with malicious input. Exploitation may lead to code execution, privilege escalation,...
rPGP affected by crash in message handling for deeply nested messages
Summary Previous rPGP versions could be caused to crash with a "stack overflow" when parsing messages that contain deeply nested message layers, such as messages with many signatures. rPGP 0.19.0 resolves this issue with a more robust message handling implementation via...
CVE-2019-25329
FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler SEH with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger ...
CVE-2019-25347
thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 to the username field to gain unauthorized access to user accounts...
CVE-2025-46305
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash...