CVE-2026-24800

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

CVE-2026-24800 A heap-based buffer over-read or buffer overflow in tildearrow/furnace

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

EUVD-2026-4798

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

EUVD-2026-4721

Out-of-bounds Write vulnerability in neka-nat cupoch thirdparty/libjpeg-turbo/libjpeg-turbo modules. This vulnerability is associated with program files tjbench.C. This issue affects cupoch...

EUVD-2026-4720

Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules. This vulnerability is associated with program files regcomp.C. This issue affects CloverBootloader: before 5162...

CVE-2026-24796 A Out-of-bounds Read vulnerability in CloverHackyColor/CloverBootloader

Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules. This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162...

CVE-2026-24796

Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules. This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162...

EUVD-2026-4716

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...

CVE-2026-1465

CVE-2026-1465 affects anyRTC-RTMP-OpenSource (before 1.0) via improper restriction of operations within the bounds of a memory buffer in third_party/faad2-2.7/libfaad modules (bits.C, syntax.C). Red Hat, NVD, OSV and CVE lists describe it as a heap-based buffer over-read/overflow in tildearrow/fu...

CVE-2026-24479

Summary (CVE-2026-24479): HUSTOJ (open source online judge) before version 26.01.24 is vulnerable to a Zip Slip-like flaw in the problem_import_qduoj.php and problem_import_hoj.php modules. A malicious ZIP file can contain path traversal sequences (e.g., ../../shell.php) that, when extracted on t...

CVE-2026-24479 HUSTOJ has Arbitrary File Write (Zip Slip) in Problem Import Modules that leads to RCE

HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problemimportqduoj.php and problemimporthoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file...

CVE-2026-24479 HUSTOJ has Arbitrary File Write (Zip Slip) in Problem Import Modules that leads to RCE

HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problemimportqduoj.php and problemimporthoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file...

CVE-2026-24479 HUSTOJ has Arbitrary File Write (Zip Slip) in Problem Import Modules that leads to RCE

HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problemimportqduoj.php and problemimporthoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file...

PT-2026-4896

Name of the Vulnerable Software and Affected Versions turanszkij WickedEngine versions through 0.71.727 Description An out-of-bounds read issue exists in turanszkij WickedEngine, specifically within the LUA modules and associated file lparser.C. The issue is a heap-based buffer over-read that can...

PT-2026-4892

Out-of-bounds Write vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05...

PT-2026-5001

Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules...

PT-2026-4874

NULL Pointer Dereference vulnerability in visualfc liteide liteidex/src/3rdparty/libvterm/src modules. This vulnerability is associated with program files screen.C, state.C, vterm.C. This issue affects liteide: before x38.4...

PT-2026-4883

Integer Overflow or Wraparound vulnerability in RawTherapee rtengine modules. This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11...

PT-2026-4895

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

PT-2026-4865

Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules. This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162...