CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

CVE-2020-36948

VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote attackers to manipulate authentication tokens. Attackers can exploit insufficient token validation to access user accounts and perform unauthorized login requests without proper administrative...

EUVD-2020-30863

VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote attackers to manipulate authentication tokens. Attackers can exploit insufficient token validation to access user accounts and perform unauthorized login requests without proper administrative...

CVE-2020-36948

VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote attackers to manipulate authentication tokens. Attackers can exploit insufficient token validation to access user accounts and perform unauthorized login requests without proper administrative...

CVE-2020-36948

CVE-2020-36948 concerns VestaCP 0.9.8-26, where the LoginAs module contains a session token vulnerability due to insufficient token validation . This allows remote attackers to manipulate authentication tokens, enabling access to user accounts and performing unauthorized login requests without pr...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

CVE-2025-12387

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

EUVD-2025-206411

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

CVE-2026-24823

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...

CVE-2026-24820

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

CVE-2026-24810

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in rethinkdb src/cjson modules. This vulnerability is associated with program files cJSON.Cc. This issue affects rethinkdb: through v2.4.4...

CVE-2026-24814

Integer Overflow or Wraparound vulnerability in swoole swoole-src thirdparty/hiredis modules. This vulnerability is associated with program files sds.C. This issue affects swoole-src: before 6.0.2...

CVE-2026-24811

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

CVE-2026-24810

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in rethinkdb src/cjson modules. This vulnerability is associated with program files cJSON.Cc. This issue affects rethinkdb: through v2.4.4...

CVE-2026-24814

Integer Overflow or Wraparound vulnerability in swoole swoole-src thirdparty/hiredis modules. This vulnerability is associated with program files sds.C. This issue affects swoole-src: before 6.0.2...

CVE-2026-24798

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

CVE-2026-24800

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...