15833 matches found

Tenable Nessus
added 2026/04/05 12:0 a.m. | 5 views

Debian dla-4522 : libxml-parser-perl - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4522 advisory. Debian LTS Advisory DLA-4522-1 [email protected]...

CVSS 9.8 | AI score 6.2 | EPSS 0.00604
Exploits 0 | References 6

Tenable Nessus
added 2026/04/05 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - ksmbd: fix use-after-free in durable v2 replay of active file handles. parse_durable_handle_context unconditionally assigns dh_info->fp->conn to the current connection...

CVSS 9.8 | AI score 5.8 | EPSS 0.0029
Exploits 0 | References 2

NVD
added 2026/04/04 2:16 p.m. | 3 views

CVE-2018-25251

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

CVSS 8.6 | EPSS 0.00185
Exploits 0 | References 4

NVD
added 2026/04/04 2:16 p.m. | 4 views

CVE-2016-20050

NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the...

CVSS 6.9 | EPSS 0.00165
Exploits 1 | References 2

Vulnrichment
added 2026/04/04 1:51 p.m. | 2 views

CVE-2018-25251 Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

CVSS 8.6 | AI score 6.5 | EPSS 0.00185
Exploits 0 | References 4

CVE
added 2026/04/04 1:51 p.m. | 9 views

CVE-2018-25251

The CVE-2018-25251 entry concerns Snes9K 0.0.9z with a buffer overflow in the Netplay Socket Port Number field. The flaw allows local attackers to trigger a structured exception handler (SEH) overwrite by crafting a payload and pasting it into the Socket Port Number field via the Netplay Options ...

CVSS 8.6 | AI score 6.5 | EPSS 0.00185
Exploits 0 | References 4

Cvelist
added 2026/04/04 1:50 p.m. | 17 views

CVE-2016-20050 NetSchedScan 1.0 Buffer Overflow Denial of Service

NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the...

CVSS 6.9 | EPSS 0.00165
Exploits 1 | References 2

ATTACKERKB
added 2026/04/04 1:50 p.m. | 2 views

CVE-2016-20050

NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the...

CVSS 6.9 | AI score 6.2 | EPSS 0.00165
Exploits 1 | References 2 | Affected Software 1

Vulnrichment
added 2026/04/04 1:50 p.m. | 3 views

CVE-2016-20050 NetSchedScan 1.0 Buffer Overflow Denial of Service

NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the...

CVSS 6.9 | AI score 6.2 | EPSS 0.00165
Exploits 1 | References 2

CVE
added 2026/04/04 1:50 p.m. | 8 views

CVE-2016-20050

NetSchedScan 1.0 is affected by a local denial-of-service vulnerability due to a buffer overflow in the Hostname/IP field. A crafted input of 388 bytes followed by 4 bytes of EIP overwrite can crash the application. The issue is limited to local access and does not specify remote exploitation or ...

CVSS 6.9 | AI score 6.2 | EPSS 0.00165
Exploits 1 | References 2 | Affected Software 1

Debian
added 2026/04/04 7:14 a.m. | 5 views

[SECURITY] [DLA 4522-1] libxml-parser-perl security update

Debian LTS Advisory DLA-4522-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin April 04, 2026 https://wiki.debian.org/LTS Package : libxml-parser-perl Version : 2.46-2+deb11u1 CVE ID : CVE-2006-10003 Debian Bug : 378412 It was discovered that libxml-parser-perl, a...

CVSS 9.8 | AI score 6.2 | EPSS 0.00604
Exploits 0

Snyk
added 2026/04/04 6:11 a.m. | 2 views

Incorrect Authorization

Overview: Directus is a real-time API and App dashboard for managing SQL database content. Affected versions of this package are vulnerable to Incorrect Authorization in the TUS upload process. An attacker can overwrite arbitrary files and corrupt metadata by uploading files with the...

CVSS 8.1 | AI score 6 | EPSS 0.00302
Exploits 0 | References 2

Github Security Blog
added 2026/04/04 6:11 a.m. | 7 views

Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Summary: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directusfile...

CVSS 8.1 | AI score 6.1 | EPSS 0.00302
Exploits 0 | References 3 | Affected Software 1

OSV
added 2026/04/04 6:11 a.m. | 3 views

GHSA-QQMV-5P3G-PX89 Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Summary: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directusfile...

CVSS 7.1 | AI score 6.1 | EPSS 0.00302
Exploits 0 | References 3

Snyk
added 2026/04/04 6:6 a.m. | 3 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview: Directus is a real-time API and App dashboard for managing SQL database content. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the filename_disk parameter in the file management API. An...

CVSS 8.8 | AI score 6.2 | EPSS 0.00204
Exploits 0 | References 2

Github Security Blog
added 2026/04/04 6:6 a.m. | 10 views

Directus: Path Traversal and Broken Access Control in File Management API

Summary: A broken access control vulnerability was identified in the Directus file management API that allows authenticated users to overwrite files belonging to other users by manipulating the filename_disk parameter. Details: The PATCH /files/id endpoint accepts a user-controlled filename_disk...

CVSS 8.8 | AI score 6.3 | EPSS 0.00204
Exploits 0 | References 4 | Affected Software 1

OSV
added 2026/04/04 6:6 a.m. | 2 views

GHSA-393C-P46R-7C95 Directus: Path Traversal and Broken Access Control in File Management API

Summary: A broken access control vulnerability was identified in the Directus file management API that allows authenticated users to overwrite files belonging to other users by manipulating the filename_disk parameter. Details: The PATCH /files/id endpoint accepts a user-controlled filename_disk...

CVSS 8.5 | AI score 6.1 | EPSS 0.00204
Exploits 0 | References 4

Positive Technologies
added 2026/04/04 12:0 a.m. | 2 views

PT-2026-30329

Name of the Vulnerable Software and Affected Versions: Directus versions prior to 11.16.1. Description: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1 | AI score 6 | EPSS 0.00302
Exploits 0 | References 4

Positive Technologies
added 2026/04/04 12:0 a.m. | 3 views

PT-2026-30375

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...

CVSS 8.6 | AI score 6.5 | EPSS 0.00185
Exploits 0 | References 5

SUSE CVE
added 2026/04/03 11:28 p.m. | 2 views

SUSE CVE-2026-23427

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles. parse_durable_handle_context unconditionally assigns dh_info->fp->conn to the current connection when handling a DURABLE_REQ_V2 context with SMB2_FLAGS_REPLAY_OPERATION...

CVSS 9.8 | AI score 5.7 | EPSS 0.0029
Exploits 0 | References 3