29066 matches found
CVE-2026-56373
A flaw was found in ImageMagick. This use-after-free vulnerability CWE-416 exists within the PDB Program Database decoder. A remote attacker could exploit this by tricking a user into processing a specially crafted malicious PDB file. This could lead to a denial of service DoS due to application...
EUVD-2026-43116
OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑upload workflow. The application stores an attacker‑supplied filename progfile directly into the Programs.File database field and later uses this value as the destination path for an...
Zyxel Firewall - OS Command Injection
An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100W firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1...
CVE-2026-14480
OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑upload workflow. The application stores an attacker‑supplied filename progfile directly into the Programs.File database field and later uses this value as the destination path for an...
CVE-2026-14480 OpenPLC v3 External Control of File Name or Path
OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑upload workflow. The application stores an attacker‑supplied filename progfile directly into the Programs.File database field and later uses this value as the destination path for an...
CVE-2026-14480
CVE-2026-14480 affects OpenPLC Runtime v3. An authenticated user can write arbitrary files via the legacy web UI program-upload workflow by storing a attacker-controlled filename (prog_file) that is later used as the destination path. Python os.path.join() honors absolute paths, enabling writes a...
CVE-2026-53448
Coturn’s CVE-2026-53448 concerns the HTTPS admin panel, where prior to 4.12.0 HTTP query parameters were interpolated into SQL queries without sanitization. The is_secure_string filter guarding the STUN path is not applied to admin panel operations delete-user, delete-secret, and delete-IP, allow...
CVE-2026-58459
gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...
CVE-2026-14809
Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
EUVD-2026-36320
OpenClaw: Hook-triggered CLI runs could receive owner MCP tool authority...
[SECURITY] Fedora 44 Update: krita-6.0.2.1-1.fc44
Krita is a sketching and painting program. It was created with the following types of art in mind: - concept art - texture or matte painting - illustrations and comics...
SUSE CVE-2026-53033
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...
CVE-2026-53089
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter subsystem. When querying information for an offloaded BPF map or program, a race condition can occur during network namespace destruction. This can lead to a use-after-free vulnerability, potentially causing a system crash or denia...
SUSE-SU-2026:2653-1 Security update for util-linux
This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...
CVE-2026-53095
A flaw was found in the Linux kernel. This vulnerability allows for the abuse of the kprobewritectx mechanism through freplace in Berkeley Packet Filter BPF kprobe programs. A local attacker could exploit this by attaching a freplace program to a kprobe program that is attached to a kernel...
CVE-2026-53094
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stale offload-prog pointer after constant blinding When a dev-bound-only BPF program BPFFXDPDEVBOUNDONLY undergoes JIT compilation with constant blinding enabled bpfjitharden = 2, bpfjitblindconstants clones the program...
CVE-2026-53094
The CVE affects the Linux kernel BPF/JIT path for dev-bound-only XDP programs. When constant blinding is enabled (bpf_jit_harden >= 2), bpf_jit_blind_constants() clones the program and bpf_jit_prog_release_other() frees the original, but offload->prog isn’t updated, leaving a stale pointer....
EUVD-2026-38951
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix RCU stall in bpffdarraymapclear Add a missing condresched in bpffdarraymapclear loop. For PROGARRAY maps with many entries this loop calls progarraymappokerun per entry which can be expensive, and without yielding this c...
EUVD-2026-38942
In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...
CVE-2026-53074
Summary of CVE-2026-53074 (Linux kernel) : The issue occurs in the bpf_prog_test_run_skb() path where the code may access ip_hdr(skb) or ipv6_hdr(skb) for IPv4/IPv6 inputs even when only an Ethernet header is present. If the Ethernet frame carries an IPv4/IPv6 EtherType but the Layer 3 header is ...