CVE-2026-8257

A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...

PT-2026-35227

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

SUSE CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

VulnCheck KEV: CVE-2026-3965

A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...

CVE-2026-5123

A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...

GHSA-7C47-XR7Q-P6HG free5GC NRF Discovery EncodeGroupId Function Panics on Malformed group-id-list Parameter

Impact This is an Improper Input Validation vulnerability leading to Denial of Service. - Security Impact: A remote attacker can cause the NRF service to panic and crash by sending a crafted HTTP GET request with a malformed group-id-list parameter. This results in complete denial of service for...

CVE-2026-2531 MindsDB File Upload security.py clear_filename server-side request forgery

A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clearfilename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The...

CVE-2026-2240 janet-lang janet compile.c janetc_pop_funcdef out-of-bounds

A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetcpopfuncdef of the file src/core/compile.c. Such manipulation leads to out-of-bounds read. The attack must be carried out locally. The exploit has been disclosed to the public and may be use...

CVE-2025-13120

Summary : CVE-2025-13120 affects mruby up to 3.4.0, specifically the sort_cmp function in src/array.c, causing a use-after-free condition. Exploitation requires local access. A public patch is available (commit eb398971bfb43c38db3e04528b68ac9a7ce509bc). If CVE is relevant to you, apply the offici...

CVE-2023-53699 riscv: move memblock_allow_resize() after linear mapping is ready

In the Linux kernel, the following vulnerability has been resolved: riscv: move memblockallowresize after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through linear mapping to cove...

CVE-2025-8224

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

DEBIAN-CVE-2025-7545

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...

Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

OESA-2023-1838 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: A vulnerability classified as critical has been found in rhboot shim up to 15.7 on ARM. This affects the function mirroroneesl of the file mok.c of the component mok...

PT-2023-12409 · Unknown · Woorank Robots-Txt-Guard

Name of the Vulnerable Software and Affected Versions: Woorank robots-txt-guard affected versions not specified Description: A vulnerability was found in the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression...

CVE-2022-20042

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487...

Solaris Update for /usr/sbin/wall 114861-01

Check for the Version of /usr/sbin/wall OpenVAS Vulnerability Test Solaris Update for /usr/sbin/wall 114861-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Solaris Update for /etc/smartcard/opencard.properties 109695-03

Check for the Version of /etc/smartcard/opencard.properties OpenVAS Vulnerability Test Solaris Update for /etc/smartcard/opencard.properties 109695-03 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you c...