5549 matches found
CVE-2026-0005
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the xcoff_link_add_symbols function when a user is tricked into running it against a specially crafted XCOFF object file. An attacker can access sensitive information or cause a partial denial of service by supplying ...
EUVD-2025-208143
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'couponcode' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
libceph: make free_choose_arg_map() resilient to partial allocation
...
EUVD-2025-208129
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
CVE-2025-15567
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
PT-2026-22309
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure
...
CVE-2026-27474
SPIP before 4.4.9 allows Cross-Site Scripting (XSS) in the private area, complementing an incomplete fix from SPIP 4.4.8. The echappe_anti_xss function was not systematically applied to input, form, button, and anchor (a) HTML tags, allowing an attacker to inject malicious scripts through these element...
Important: openssl11
Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths,...
Amazon Linux 2 : edk2, --advisory ALAS2-2026-3150 (ALAS-2026-3150)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3150 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using...
kernel: Linux kernel: Data corruption and system instability due to improper io_uring/net buffer handling
A flaw was found in the Linux kernel's io_uring/net component. This vulnerability arises when ring provided buffers are partially committed during network operations, particularly when MSG_WAITALL is enabled or with streaming sockets. A local attacker could exploit this by causing multiple socket...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read via the handle_partial_get process. An attacker can access sensitive information from heap memory by sending specially crafted HTTP Range headers to a server using the embedded SoupServer component. This is only...
CVE-2020-37181 Torrent FLV Converter 1.51 Build 117 - Stack Overflow (SEH partial overwrite)
Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnerability that allows attackers to overwrite the Structured Exception Handler (SEH) through a malicious registration code input. Attackers can craft a payload with specific offsets and partial SEH overwrite techniques to potentially...
CVE-2020-37181
Torrent FLV Converter 1.51 Build 117 contains a stack overflow that allows overwriting the Structured Exception Handler (SEH) via a crafted registration code input, enabling potential arbitrary code execution on vulnerable Windows 32-bit systems. The vulnerability is triggered by specific offsets...