📄 MEmu Android Emulator 9.2.7.0 Privilege Escalation

MEmu Android Emulator version 9.2.7.0 suffers from a local privilege escalation vulnerability via insecure permissions. CVE-2026-36213 CVE-2026-36213 | Local Privilege Escalation in MEmu Android Emulator 9.2.7.0 via Insecure Service Binary Permissions | Patched in 9.3.2 CVE-2026-36213 — MEmu...

@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes

Impact @fastify/middie v9.3.1 and earlier incorrectly re-prefixes middleware paths when propagating them to child plugin scopes. When a child plugin is registered with a prefix that overlaps with a parent-scoped middleware path, the middleware path is modified during inheritance and silently fail...

Interpretation Conflict

Overview @fastify/middie is a Middleware engine for Fastify Affected versions of this package are vulnerable to Interpretation Conflict in the resolveNormalizationOptions function's deprecated ignoreDuplicateSlashes configuration option. An attacker can bypass middleware by crafting URLs with...

CVE-2026-6270 @fastify/middie vulnerable to middleware authentication bypass in child plugin scopes

@fastify/middie versions 9.3.1 and earlier do not register inherited middleware directly on child plugin engine instances. When a Fastify application registers authentication middleware in a parent scope and then registers child plugins with @fastify/middie, the child scope does not inherit the...

CVE-2022-49323

creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

CVE-2025-21038

Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information...

CVE-2025-21040

Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information...

CVE-2024-13281

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2...

CVE-2024-53246

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another vulnerability, suc...

VulnCheck KEV: CVE-2023-34133

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics:...

SUSE CVE-2010-0198

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203...

OPENSUSE-SU-2021:0397-1 Security update for mbedtls

This update for mbedtls fixes the following issues: - mbedtls was updated to version 2.16.9 - CVE-2020-10932: Fixed side channel in ECC code that allowed an adversary with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure...

GHSA-FQ77-7P7R-83RJ Directory Traversal in Next.js

Impact - Not affected: Deployments on ZEIT Now v2 https://zeit.co are not affected - Not affected: Deployments using the serverless target - Not affected: Deployments using next export - Affected: Users of Next.js below 9.3.2 We recommend everyone to upgrade regardless of whether you can reproduc...

OpServices OpMon Remote Code Execution Vulnerability

OpServices OpMon is an IT infrastructure monitoring software from Brazil. OpServices OpMon 9.3.2 suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code...

Apple iOS WebKit Canvas Arbitrary Code Execution Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices. WebKit is an open source web browser engine developed by KDE, Apple, Google and other companies, and is currently used by Apple Safari and Google Chrome, etc. WebKit is used as one of the drawing components. Canvas is used fo...

Acroread: Multiple code execution flaws (APSB10-09)

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service memory corruption or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204...

Acroread: Multiple code execution flaws (APSB10-09)

Cross-site scripting XSS vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...