504 matches found
Astra Linux – Vulnerability in Firefox
A stop condition for the iterator was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox versions less than 12...
MAL-2026-4244 Malicious code in hardhat-gas-profiler-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...
Malicious code in hardhat-gas-profiler-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...
WordPress Optimole plugin <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL vulnerability
Reflected Cross-Site Scripting via Page Profiler URL vulnerability discovered by WordFence in WordPress Plugin Optimole versions = 4.2.3...
CVE-2026-5226 Optimole <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3 This is due to insufficient output escaping on user-supplied URL paths in the getcurrenturl function, which are inserted into...
Linux Distros Unpatched Vulnerability : CVE-2026-32722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports...
CVE-2026-32722
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
DEBIAN-CVE-2026-32722
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
UBUNTU-CVE-2026-32722
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
CVE-2026-32722
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
CVE-2026-32722 Memray-generated HTML reports vulnerable to Stored XSS via unescaped command-line metadata
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
CVE-2026-32722
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
CVE-2026-32722
Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...
BIT-PYTORCH-2025-2148 PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption
A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler.callendcallbacksonjitfut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launch...
CVE-2025-20106
Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...
CVE-2025-61969
Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
[SECURITY] Fedora 42 Update: rust-rbspy-0.34.1-4.fc42
Sampling CPU profiler for Ruby...
PT-2026-7596
Name of the Vulnerable Software and Affected Versions AMD µProf affected versions not specified Description A flaw in permission assignment within AMD µProf could allow a local, privileged attacker to escalate their privileges, potentially leading to arbitrary code execution. Recommendations At t...
CVE-2025-20106
Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...