175 matches found
EUVD-2026-40436
Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validatepasswordcompliance endpoint that returns different error responses for malformed, non-existent, and existing organization IDs. Unauthenticated attackers can enumerate valid organization UUIDs by observi...
Linux Distros Unpatched Vulnerability : CVE-2026-12969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in dnsmasq's findsoa function in src/rfc1035.c. When parsing NS section records, extractname is called with...
Astra Linux – Vulnerability in Subversion
The Subversion’s modauthzsvn module will crash if the server uses in-repository authz rules with the AuthzSVNReposRelativeAccessFile option, and a client sends a request for a non-existent repository URL. This can cause disruptions for users of the service. This issue has been fixed in...
Astra Linux – Vulnerability in sudo
In Sudo version 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a non-existent user by executing sudo with a numerical UID that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability, as executing a command via sudo a...
CVE-2026-36957
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...
CVE-2026-37226
FlexRIC v2.0.0 is vulnerable: when the iApp receives an E42_RIC_SUBSCRIPTION_REQUEST referencing a non-existent E2 Node, the lookup returns NULL and triggers an abort in Debug builds (SIGABRT) or a segfault in Release builds (SIGSEGV), allowing a remote unauthenticated attacker to crash the iApp ...
FUXA has an unauthenticated arbitrary tag value disclosure via /api/getTagValue
Summary An authorization bypass in the /api/getTagValue endpoint allows unauthenticated access to tag values when the referenced script does not exist. Details The issue is caused by the combination of these code paths: - server/api/apikeys/verify-api-or-token.js:45 sends requests without x-api-k...
CVE-2026-7371
Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this...
CVE-2026-36957
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...
CLEANSTART-2026-CZ07385 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\ProgramData\\\\\\\\Docker\\\\\\\\cli-plugins, a directory that does not exist by default
Multiple security vulnerabilities affect the tekton-pipelines-fips package. Docker CLI for Windows searches for plugin binaries in C:\\\\ProgramData\\\\Docker\\\\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details...
CVE-2026-36957
The affected device is the Dbit Router, firmware V1.0.0 (Dbit N300 T1 Pro Easy Setup Wireless Wi‑Fi Router). The vulnerability is in the Boa web server URI handler, which can be exploited by sending a high-volume flood of HTTP GET requests to non-existent URIs, causing resource exhaustion (file d...
EUVD-2026-23957
XiangShan Open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 contains an improper exceptional-condition handling flaw in its CSR subsystem NewCSR. On affected versions, certain sequences of CSR operations targeting non-existent/custom CSR...
GHSA-MMPQ-5HCV-HF2V Parse Server has a login timing side-channel reveals user existence
Impact The login endpoint response time differs measurably depending on whether the submitted username or email exists in the database. When a user is not found, the server responds immediately. When a user exists but the password is wrong, a bcrypt comparison runs first, adding significant...
CVE-2026-34831
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...
Google Android elevation of privilege vulnerability (CNVD-2026-18786)
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android, which can be exploited by an attacker to cause an application to gain read and write access to non-existent files and local elevation of privilege...
CVE-2026-0035
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Symlink Attack
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Symlink Attack via the validateBindMounts process. An attacker can access files or directories outside of intended boundaries by exploiting symlinked parent directories combined with...
CVE-2026-0035
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0035
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-52469 Chamilo: Friend Request Workflow Bypass - Unauthorized Friend Addition and ID Validation Bypass
Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal fl...