
641 matches found

CNNVD
added 5 days ago, 4 views

MGB OpenSource Guestbook SQL injection vulnerability

MGB OpenSource Guestbook is an open-source web-based message board system developed by MGB OpenSource. Version 0.7.0.2 of MGB OpenSource Guestbook has a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the id parameter, which may allow unauthenticated...

CVSS 8.8, AI score 6.2, EPSS 0.00068
Exploits: 0, References: 4
AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in qtimageformats-opensource-src

A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) through a specially crafted MNG file...

CVSS 5.5, AI score 6.2, EPSS 0.0038
Exploits: 1, References: 2
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in qtbase-opensource-src

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read issue due to a crafted reply from a DNS server...

CVSS 5.3, AI score 6.2, EPSS 0.00088
Exploits: 0, References: 2
CNNVD
added 2026/05/12 12:0 a.m., 4 views

Cleanuparr security vulnerability

Cleanuparr is an automated tool developed by Cleanuparr OpenSource, designed to clean up invalid files in the download queue. Versions of Cleanuparr prior to 2.9.10 contained security vulnerabilities. These vulnerabilities stemmed from the TrustedNetworkAuthenticationHandler.ResolveClientIp...

CVSS 9.8, AI score 5.8, EPSS 0.00049
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in qtsvg-opensource-src

The module will parse a node that is not a child of a structural node. The node will be deleted after creation, but it may still be accessed later, leading to a use after free error...

CVSS 9.4, AI score 5.8, EPSS 0.00022
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in qtbase-opensource-src

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3...

CVSS 7.5, AI score 6.6, EPSS 0.00354
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in qtbase-opensource-src

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur due to a crafted KTX image file...

CVSS 6.2, AI score 7.1, EPSS 0.00068
Exploits: 0, References: 2
CNNVD
added 2026/04/23 12:0 a.m., 5 views

OpenVPN OpenSource security vulnerability

OpenVPN OpenSource is a virtual private network communication software developed by OpenVPN Inc., based on the SSL/TLS protocol. OpenVPN OpenSource has a security vulnerability; this vulnerability stems from bypassing access restrictions through the TLS handshake, potentially leading to the readi...

AI score 5.8
Exploits: 0, References: 1
CVE
added 2026/04/22 5:57 a.m., 3 views

CVE-2026-41667

Technical details about CVE-2026-41667 are not provided in the supplied documents. The description notes an integer overflow in Samsung ONE’s constant tensor data size calculation affecting large constant nodes, with affected versions prior to commit 1.30.0; monitor for updates.

CVSS 6.6, AI score 6, EPSS 0.00005
Exploits: 0, References: 1, Affected Software: 1
Positive Technologies
added 2026/04/22 12:0 a.m., 1 views

PT-2026-34261

CVE-2026-41667 Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is… https://t.co/Xi4APjqrso...

CVSS 6.6, AI score 6, EPSS 0.00005
Exploits: 0, References: 4
CNNVD
added 2026/04/07 12:0 a.m., 2 views

Marginal security vulnerability

Marginal is an asset trading platform developed by Marginal OpenSource. There is a security vulnerability in Marginal, which stems from the execution of insecure downcasting operations. This vulnerability could allow attackers to settle large debt positions at a negligible cost for assets...

CVSS 8.6, AI score 5.9, EPSS 0.00048
Exploits: 0, References: 6
CNNVD
added 2026/03/28 12:0 a.m., 2 views

SC buffer error vulnerability

SC is a software developed by SC OpenSource. Version 7.16 of SC contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code...

CVSS 8.6, AI score 6.5, EPSS 0.00021
Exploits: 0, References: 2
CNNVD
added 2026/03/23 12:0 a.m., 4 views

OpenSource-WorkShop Connect-CMS code issue vulnerability

OpenSource-WorkShop Connect-CMS is a content management system developed by the OpenSource-WorkShop company, designed for easy website creation. Versions of OpenSource-WorkShop Connect-CMS prior to 1.41.0 and 2.41.0 contain code vulnerabilities. These vulnerabilities stem from the Page Management...

CVSS 6.8, AI score 5.9, EPSS 0.00019
Exploits: 0, References: 5
CNNVD
added 2026/03/23 12:0 a.m., 6 views

OpenSource-WorkShop Connect-CMS code injection vulnerability

OpenSource-WorkShop Connect-CMS is a content management system used by the OpenSource-WorkShop company, designed for easy website creation. Versions of OpenSource-WorkShop Connect-CMS prior to 1.41.0 and 2.41.0 contain a code injection vulnerability. This vulnerability stems from issues with the...

CVSS 8.8, AI score 6, EPSS 0.00103
Exploits: 0, References: 4
OpenVAS
added 2026/03/09 12:0 a.m., 2 views

Ubuntu: Security Advisory (USN-8076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 5.8, EPSS 0.07128
Exploits: 1, References: 2
Positive Technologies
added 2026/03/04 12:0 a.m., 2 views

PT-2026-23058

Name of the Vulnerable Software and Affected Versions: changedetection.io versions prior to 0.54.4. Description: The software contains a reflected cross-site scripting (XSS) issue in the /rss/tag/ endpoint. The tag uuid path parameter is directly included in the HTTP response without proper HTML...

CVSS 6.1, AI score 5.8, EPSS 0.0002
Exploits: 1, References: 8
RedhatCVE
added 2026/02/25 4:6 a.m., 2 views

CVE-2026-3049

A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horillagenerics/globalsearch.py of the component Query Parameter Handler. The manipulation of the argument prevurl results in open redirect. The attack can be executed remotely...

CVSS 6.1, AI score 5, EPSS 0.00059
Exploits: 1, References: 1
OSV
added 2026/02/24 1:16 a.m., 2 views

CVE-2026-3049

A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horillagenerics/globalsearch.py of the component Query Parameter Handler. The manipulation of the argument prevurl results in open redirect. The attack can be executed remotely...

CVSS 6.1, AI score 5.2
Exploits: 0, References: 6
OSV
added 2026/02/24 1:16 a.m., 4 views

CVE-2026-3050

A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of the file static/assets/js/global.js of the component Leads Module. This manipulation of the argument Notes causes cross site scripting. The attack is possible to be carried out remotely. The exploi...

CVSS 5.4, AI score 3.9
Exploits: 0, References: 6
NVD
added 2026/02/24 1:16 a.m., 7 views

CVE-2026-3049

A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horillagenerics/globalsearch.py of the component Query Parameter Handler. The manipulation of the argument prevurl results in open redirect. The attack can be executed remotely...

CVSS 6.1, EPSS 0.00059
Exploits: 1, References: 6