18854 matches found
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in the HTTP Agent. An attacker can cause a client to accept a response as valid before the client has sent its request by exploiting the timing of HTTP responses. Remediation A fix was...
CVE-2026-12805
A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the copyString function. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers the...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper validation in the XMLParseBuffer function. An attacker can cause unexpected behavior, including potential data corruption or application crashes, by providing specially crafted input that...
CVE-2026-12776
Montodel House-Rental-Management is affected by an SQL injection in /index.php?page=houses triggered by manipulating the ID parameter. The flaw affects the application as a whole with a remote-access exploit published and the vendor pursuing a rolling-release strategy, making exact affected versi...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...
CVE-2026-55187
creationtimestamp| type| source ---|---|--- 2026-06-17 03:22:25+00:00| published-proof-of-concept| https://github.com/axllent/mailpit/security/advisories/GHSA-w4mc-hhc6-xp28...
CVE-2026-54905
creationtimestamp| type| source ---|---|--- 2026-06-16 21:35:27+00:00| published-proof-of-concept| https://github.com/ruby-concurrency/concurrent-ruby/security/advisories/GHSA-wv3x-4vxv-whpp...
EUVD-2026-36692
A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...
EUVD-2026-36668
A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been...
EUVD-2026-36676
A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was...
CVE-2026-12201 IObit Malware Fighter DLL permission
A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was...
CVE-2026-12201 IObit Malware Fighter DLL permission
A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was...
CVE-2026-12201
CVE-2026-12201 affects IObit Malware Fighter (up to 13.2.0) via an unknown functionality in the DLL Handler component, where manipulation leads to permission issues. The flaw enables a local attacker with access to the system to trigger the vulnerability; an exploit has been published. The docume...
PT-2026-49615
CVE ID :CVE-2026-54294 Published : June 15, 2026, 6:33 p.m. | 1 hour, 17 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-49151
A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was...
PT-2026-49342
Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.10.0 Description The Shareable Playground feature, also known as Public Flows, allows unauthenticated users to execute workflows via a public link. A flaw in this feature enables arbitrary file reading depending on...
CVE-2026-40864
creationtimestamp| type| source ---|---|--- 2026-06-13 15:00:07+00:00| published-proof-of-concept| Telegram/rpU80BAIqup9jbze7w25ozrvXdkaGKGrrCImb0BnEmBLEk...
CVE-2026-54298
creationtimestamp| type| source ---|---|--- 2026-06-12 16:48:25+00:00| published-proof-of-concept| https://github.com/withastro/astro/security/advisories/GHSA-jrpj-wcv7-9fh9...
CVE-2026-44311
creationtimestamp| type| source ---|---|--- 2026-06-11 21:48:31+00:00| published-proof-of-concept| https://github.com/fabricjs/fabric.js/security/advisories/GHSA-w22m-hvvm-xmwx...