75 matches found

Github Security Blog
added 2 days ago, 7 views

Gogs: LFS dedupe path leaks private repo content across tenants

Summary: Git LFS storage is content-addressed by OID alone, but per-repo authorization lives in the lfs_object table keyed (repo_id, oid). serveUpload skips re-uploading when the OID file already exists on disk and inserts a new (repo_id, oid) row pointing at it without verifying the request body hash...

CVSS 7.1, AI score 6
Exploits 0, References 5, Affected Software 1
Nuclei
added 2 days ago, 10 views

Schneider Electric U.motion Builder - SQL Injection

The vulnerability exists within the processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...

CVSS 8.8, AI score 7.3, EPSS 0.02917
Exploits 3, References 2
Positive Technologies
added 2 days ago, 8 views

PT-2026-51630

Summary: Git LFS storage is content-addressed by OID alone, but per-repo authorization lives in the lfs_object table keyed (repo_id, oid). serveUpload skips re-uploading when the OID file already exists on disk and inserts a new (repo_id, oid) row pointing at it without verifying the request body...

CVSS 7.1, AI score 6
Exploits 0, References 7
RedhatCVE
added 2026/06/05 7:20 p.m., 5 views

CVE-2026-41502

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...

CVSS 8.7, AI score 5.7, EPSS 0.00401
Exploits 1, References 1
ATTACKERKB
added 2026/06/05 12:37 p.m., 5 views

CVE-2026-11369

The Comment API (GET /api/Comment and POST /api/Comment) in the affected application fails to perform authorization checks to verify that the requesting user has access to the object identified by the relatedObjectId. This Insecure Direct Object Reference (IDOR) vulnerability allows any authenticated...

CVSS 7.1, AI score 5.6, EPSS 0.00207
Exploits 0, References 2
CVE
added 2026/04/24 7:40 p.m., 12 views

CVE-2026-41502

CVE-2026-41502 affects the BACnet Stack C library. The issue is an off-by-one out-of-bounds read in the rpm_decode_object_id() routine used by the ReadPropertyMultiple service decoder. It checks apdu_len

CVSS 8.7, AI score 5.7, EPSS 0.00401
Exploits 1, References 1, Affected Software 1
EUVD
added 2026/04/24 7:40 p.m., 7 views

EUVD-2026-25624

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...

CVSS 8.7, AI score 5.7, EPSS 0.00401
Exploits 1, References 1
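The three BACnet Stack entries above describe an off-by-one length check in an object-identifier decoder. The following is an added example, not bacnet-stack's own code: it assumes a wire shape of one context tag byte (tag 0, context class, length 4, i.e. 0x0C) followed by the 4-byte object identifier, and shows a check that counts the identifier bytes but not the tag byte next to the corrected check. The function names, the padded sample APDU and the device,1234 identifier are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed wire shape (hypothetical, not the project's decoder): 1 tag byte
 * + 4 identifier bytes, so a complete element is 5 bytes. */
#define OBJID_LEN       4u
#define CTX_TAG0_OBJID  0x0Cu   /* context tag 0, class bit set, length 4 */

typedef struct {
    uint16_t type;      /* top 10 bits of the 32-bit identifier */
    uint32_t instance;  /* low 22 bits */
} objid_t;

static objid_t unpack_objid(const uint8_t *p)
{
    uint32_t v = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    objid_t o;
    o.type = (uint16_t)(v >> 22);
    o.instance = v & 0x3FFFFFu;
    return o;
}

/* Vulnerable shape: the check only accounts for the identifier bytes, so
 * with apdu_len == 4 the decoder still reads apdu[4], one byte past the
 * end. Returns bytes consumed, or -1 on error. */
int rpm_decode_objid_vulnerable(const uint8_t *apdu, unsigned apdu_len, objid_t *out)
{
    if (apdu_len < OBJID_LEN)            /* off by one: needs 1 + OBJID_LEN */
        return -1;
    if (apdu[0] != CTX_TAG0_OBJID)
        return -1;
    *out = unpack_objid(&apdu[1]);       /* reads apdu[1..4] */
    return (int)(1 + OBJID_LEN);
}

/* Fixed shape: every byte that will be read is counted before reading it. */
int rpm_decode_objid_fixed(const uint8_t *apdu, unsigned apdu_len, objid_t *out)
{
    if (apdu_len < 1 + OBJID_LEN)
        return -1;
    if (apdu[0] != CTX_TAG0_OBJID)
        return -1;
    *out = unpack_objid(&apdu[1]);
    return (int)(1 + OBJID_LEN);
}

/* Constructed sample: tag 0 + device(8),1234 = 0x02000000 | 0x4D2, padded
 * with zeros so the demo's over-read stays inside a real array. */
const uint8_t sample_apdu[8] = { 0x0C, 0x02, 0x00, 0x04, 0xD2, 0x00, 0x00, 0x00 };
objid_t decoded;

int main(void)
{
    /* Complete element: both decoders agree. */
    int r = rpm_decode_objid_fixed(sample_apdu, 5, &decoded);
    printf("fixed, len 5: rc=%d type=%u instance=%u\n",
           r, (unsigned)decoded.type, (unsigned)decoded.instance);
    /* Truncated element (tag + 3 identifier bytes): the vulnerable check
     * passes and the decoder reads one byte past apdu_len. */
    r = rpm_decode_objid_vulnerable(sample_apdu, 4, &decoded);
    printf("vulnerable, len 4: rc=%d (should have been -1)\n", r);
    r = rpm_decode_objid_fixed(sample_apdu, 4, &decoded);
    printf("fixed, len 4: rc=%d\n", r);
    return 0;
}
```

The practical check when reviewing a decoder of this kind is to compare the length guard against the highest index the function touches (here apdu[4]), not against the size of the field it is nominally decoding.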
Tenable Nessus
added 2026/04/10 12:00 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-5187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot befor...

CVSS 9.8, AI score 5.8, EPSS 0.00283
Exploits 0, References 3
NVD
added 2026/04/09 8:16 p.m., 3 views

CVE-2026-5187

Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out[0] and out[1], enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...

CVSS 9.8, EPSS 0.00283
Exploits 0, References 1
Cvelist
added 2026/04/09 7:45 p.m., 21 views

CVE-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL

Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out[0] and out[1], enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...

CVSS 2.3, EPSS 0.00283
Exploits 0, References 1
CVE
added 2026/04/09 7:45 p.m., 10 views

CVE-2026-5187

CVE-2026-5187 affects wolfSSL’s wolfcrypt DecodeObjectId() in asn.c, with two potential heap out-of-bounds writes. First, a bounds check validates only one slot before writing two OID arcs (out[0], out[1]), allowing a 2-byte OOB write when outSz == 1. Second, callers pass sizeof(decOid) (64 bytes...

CVSS 9.8, AI score 5.9, EPSS 0.00283
Exploits 0, References 1, Affected Software 1
Vulnrichment
added 2026/04/09 7:45 p.m., 5 views

CVE-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL

Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out[0] and out[1], enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...

CVSS 2.3, AI score 5.8, EPSS 0.00283
Exploits 0, References 1
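The wolfSSL entries above describe a decoder that checks for one free output slot and then stores two arcs. The following is an added example, not wolfSSL's DecodeObjectId: a small DER OID content-octet decoder in the same shape, with the one-slot check beside the corrected two-slot check. The function names, the word16 typedef used for arcs, the secp384r1 sample OID (1.3.132.0.34) and the scratch buffer are constructed for the demo; the demo passes an outSz smaller than the real buffer so the accounting bug is visible without actually corrupting memory.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed arc type (hypothetical); outSz is a count of these slots, not bytes. */
typedef uint16_t word16;

/* Read one base-128 arc starting at in[*i] and advance *i.
 * Returns -1 if the input ends with the continuation bit still set. */
static int read_arc(const uint8_t *in, size_t inSz, size_t *i, uint32_t *val)
{
    uint32_t v = 0;
    while (*i < inSz) {
        uint8_t b = in[(*i)++];
        v = (v << 7) | (b & 0x7Fu);
        if (!(b & 0x80u)) { *val = v; return 0; }
    }
    return -1;
}

/* Vulnerable shape: the guard proves out[0] exists, then the function
 * stores out[0] and out[1]. With outSz == 1 the second store lands past
 * the caller's buffer. Returns the arc count, or -1 on error. */
int decode_oid_vulnerable(const uint8_t *in, size_t inSz, word16 *out, size_t outSz)
{
    size_t i = 1, outIdx = 0;
    uint32_t v;
    if (inSz == 0) return -1;
    if (outIdx >= outSz) return -1;        /* validates one slot only */
    out[outIdx++] = (word16)(in[0] / 40);  /* first arc */
    out[outIdx++] = (word16)(in[0] % 40);  /* second arc: never checked */
    while (i < inSz) {
        if (read_arc(in, inSz, &i, &v) != 0) return -1;
        if (outIdx >= outSz) return -1;
        out[outIdx++] = (word16)v;
    }
    return (int)outIdx;
}

/* Fixed shape: the first content octet always yields two arcs, so two
 * slots are reserved before anything is written. */
int decode_oid_fixed(const uint8_t *in, size_t inSz, word16 *out, size_t outSz)
{
    size_t i = 1, outIdx = 0;
    uint32_t v;
    if (inSz == 0) return -1;
    if (outSz < 2) return -1;
    out[outIdx++] = (word16)(in[0] / 40);
    out[outIdx++] = (word16)(in[0] % 40);
    while (i < inSz) {
        if (read_arc(in, inSz, &i, &v) != 0) return -1;
        if (outIdx >= outSz) return -1;
        out[outIdx++] = (word16)v;
    }
    return (int)outIdx;
}

/* Constructed sample: 1.3.132.0.34 as DER content octets (132 = 0x81 0x04). */
const uint8_t sample_oid[5] = { 0x2B, 0x81, 0x04, 0x00, 0x22 };

/* Scratch buffer with room for 8 arcs; the demo lies about its size. */
word16 arcs[8];

int main(void)
{
    /* Pass the slot count, not sizeof(arcs), which would be the byte size. */
    int n = decode_oid_fixed(sample_oid, sizeof sample_oid, arcs,
                             sizeof arcs / sizeof arcs[0]);
    printf("fixed: %d arcs: %u.%u.%u.%u.%u\n", n,
           arcs[0], arcs[1], arcs[2], arcs[3], arcs[4]);

    arcs[1] = 0xFFFF;
    n = decode_oid_vulnerable(sample_oid, 1, arcs, 1);   /* claims 1 slot */
    printf("vulnerable, outSz=1: rc=%d arcs[1]=%u (stored past the stated size)\n",
           n, arcs[1]);

    arcs[1] = 0xFFFF;
    n = decode_oid_fixed(sample_oid, 1, arcs, 1);
    printf("fixed, outSz=1: rc=%d arcs[1]=%u (untouched)\n", n, arcs[1]);
    return 0;
}
```

The caller side matters as much as the decoder: a size argument documented as a slot count must be computed as `sizeof(buf) / sizeof(buf[0])`, since passing the byte size of a word16 array tells the decoder it has twice the room it really has.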
SUSE CVE
added 2026/04/06 11:25 p.m., 4 views

SUSE CVE-2026-31410

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION. Use sb->s_uuid for a proper volume identifier as the primary choice. For filesystems that do not provide a UUID, fall back to stfs.f_fsid obtained from vfs_statfs...

CVSS 5.5, AI score 5.7, EPSS 0.00164
Exploits 0, References 3
EUVD
added 2026/04/06 9:31 a.m., 4 views

EUVD-2026-19194

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION. Use sb->s_uuid for a proper volume identifier as the primary choice. For filesystems that do not provide a UUID, fall back to stfs.f_fsid obtained from vfs_statfs...

AI score 5.7, EPSS 0.00164
Exploits 0, References 5
Debian CVE
added 2026/04/06 7:38 a.m., 6 views

CVE-2026-31410

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION. Use sb->s_uuid for a proper volume identifier as the primary choice. For filesystems that do not provide a UUID, fall back to stfs.f_fsid obtained from vfs_statfs...

CVSS 5.5, AI score 5.2, EPSS 0.00164
Exploits 0
CNNVD
added 2026/04/04 12:00 a.m., 7 views

WordPress plugin WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...

CVSS 8.1, AI score 5.8, EPSS 0.00351
Exploits 0, References 3
RedhatCVE
added 2026/03/07 1:44 a.m., 5 views

CVE-2025-70363

Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs...

CVSS 7.5, AI score 5.8, EPSS 0.00276
Exploits 0, References 1
EUVD
added 2026/03/06 6:31 p.m., 4 views

EUVD-2025-208341

Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs...

AI score 5.8, EPSS 0.00276
Exploits 0, References 4
Cvelist
added 2026/03/06 12:00 a.m., 29 views

CVE-2025-70363

Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs...

EPSS 0.00276
Exploits 0, References 3
Snyk
added 2026/02/18 10:08 p.m., 4 views

Improper Encoding or Escaping of Output

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the unit parameter in the Custom OID process. An attacker can execute...

CVSS 5.4, AI score 6.1, EPSS 0.00227
Exploits 0, References 3