54684 matches found

ATTACKERKB
added 2026/03/08 7:2 a.m. | 3 views

CVE-2026-3720

A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...

CVSS 5.1 | AI score 4.2 | EPSS 0.00221
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2026/03/08 6:16 a.m. | 4 views

AZL-79520 CVE-2026-3713 affecting package libpng15 1.5.30-15

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...

CVSS 5.3 | AI score 6.1 | EPSS 0.00126
Exploits: 0 | References: 1
NVD
added 2026/03/08 1:15 a.m. | 5 views

CVE-2026-30909

Crypt::NaCl::Sodium versions through 2.002 for Perl have potential integer overflows. bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer. Encountering this...

CVSS 9.8 | EPSS 0.00533
Exploits: 0 | References: 7
ATTACKERKB
added 2026/03/08 12:54 a.m. | 4 views

CVE-2026-30910

Crypt::Sodium::XS versions through 0.001000 for Perl have potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer...

AI score 6.2 | EPSS 0.00287
Exploits: 0 | References: 2
Cvelist
added 2026/03/08 12:54 a.m. | 28 views

CVE-2026-30910 Crypt::Sodium::XS versions through 0.001000 for Perl have potential integer overflows

Crypt::Sodium::XS versions through 0.001000 for Perl have potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer...

EPSS 0.00287
Exploits: 0 | References: 1
Positive Technologies
added 2026/03/08 12:0 a.m. | 4 views

PT-2026-23926

A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...

CVSS 5.1 | AI score 4.2 | EPSS 0.00221
Exploits: 1 | References: 4
EUVD
added 2026/03/07 3:30 p.m. | 8 views

EUVD-2026-10155

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...

CVSS 4.8 | AI score 5.3 | EPSS 0.0017
Exploits: 1 | References: 8
Microsoft CVE
added 2026/03/07 9:3 a.m. | 4 views

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib

...

CVSS 9.8 | AI score 5.8 | EPSS 0.00548
Exploits: 1
Fedora
added 2026/03/07 12:31 a.m. | 7 views

[SECURITY] Fedora 44 Update: keylime-7.14.1-1.fc44

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

CVSS 9.8 | AI score 5.8 | EPSS 0.05805
Exploits: 0
RedhatCVE
added 2026/03/06 7:45 p.m. | 3 views

CVE-2026-30798

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...

CVSS 8.2 | AI score 5.8 | EPSS 0.00288
Exploits: 1 | References: 1
RedhatCVE
added 2026/03/06 7:45 p.m. | 6 views

CVE-2026-30785

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution', Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbbcommon on Windows, MacOS, Linux Password security module, config encryption, machine U...

CVSS 8.2 | AI score 5.8 | EPSS 0.00083
Exploits: 1 | References: 1
RedhatCVE
added 2026/03/06 7:45 p.m. | 4 views

CVE-2026-28209

FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, a command injection vulnerability exists in FreePBX when using the ElevenLabs Text-to-Speech TTS engine in the recordings module. This issue has been patched in versions 16.0.20...

CVSS 7.5 | AI score 5.7 | EPSS 0.00886
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/06 7:45 p.m. | 6 views

CVE-2026-28284

FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. This issue has been patched in versions 16.0.10 and 17.0.5...

CVSS 8.8 | AI score 5.7 | EPSS 0.00248
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/06 7:45 p.m. | 3 views

CVE-2026-28287

FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5...

CVSS 8.8 | AI score 5.7 | EPSS 0.08493
Exploits: 0 | References: 1
EUVD
added 2026/03/06 3:31 p.m. | 8 views

EUVD-2018-21635

Maitra 1.7.2 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

CVSS 7.1 | AI score 6.1 | EPSS 0.00194
Exploits: 0 | References: 3
RedhatCVE
added 2026/03/06 2:37 p.m. | 5 views

CVE-2026-28541

Permission control vulnerability in the cellulardata module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 5.5 | AI score 5.8 | EPSS 0.00087
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/06 2:37 p.m. | 4 views

CVE-2026-28547

Vulnerability of uninitialized pointer access in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 6.8 | AI score 5.8 | EPSS 0.00074
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/06 2:37 p.m. | 6 views

CVE-2026-28546

Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 5.9 | AI score 5.8 | EPSS 0.0008
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/06 2:37 p.m. | 6 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 4.7 | AI score 5.8 | EPSS 0.00071
Exploits: 0 | References: 1
NVD
added 2026/03/06 1:16 p.m. | 6 views

CVE-2018-25180

Maitra 1.7.2 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

CVSS 7.1 | EPSS 0.00194
Exploits: 0 | References: 2