170 matches found
Microsoft Windows Collaborative Translation Framework 后置链接漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a post-release link vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 10 Version 18...
Microsoft PC Manager 后置链接漏洞
Microsoft PC Manager is a computer management software developed by Microsoft Corporation. It offers features such as one-click acceleration, system space management, pop-up management, and comprehensive health checks. Microsoft PC Manager has a post-release link vulnerability. Attackers can...
Microsoft .NET 后置链接漏洞
Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There is a post-release vulnerability in Microsoft .NET. Attackers can exploit...
CVE-2026-45289
CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authentication tokens Cloudburst/Protocol. This vulnerability impacts publicly accessible software...
ROS-20260512-73-0011
Vulnerability in hdf5 related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
catalystcoop-ferc-xbrl-extractor (>=0.6.1 <=0.8.4), catalystcoop-pudl (>=2022.11.30 <=2022.11.30.post1) +1 more potentially affected by CVE-2026-42796 via arelle-release (>=2.10.8 <=2.2.4)
arelle-release PYPI version =2.10.8, =0.6.1, =2022.11.30, =0.6.1, =0.7.0rc1 Source cves: CVE-2026-42796 Source advisory: SNYK:PYTHON-ARELLERELEASE-16635954...
Huawei HarmonyOS multi-mode input system double release vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A double-release vulnerability exists in the Huawei HarmonyOS multi-mode input system, which can be exploited by an attacker to cause an availability impact...
mercure 安全漏洞
Mercure is a real-time data delivery protocol and server implementation developed by Kévin Dunglas as an individual project. Versions of Mercure prior to 0.22.0 contained security vulnerabilities. These vulnerabilities were caused by conflicts in cache keys within the TopicSelectorStore, which...
Linux kernel double release vulnerability (CNVD-2026-16036)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a double-release vulnerability, which stems from the bsgdone function resulting in a double-release that can be exploited by an attacker to cause the...
EUVD-2026-17221
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated authlength field read from the network triggers a WINPRASSERT failure in rtsreadauthverifiernochecks, causing any FreeRDP client connecting through a malicious RDP Gateway to crash with SIGABR...
FreeRDP 安全漏洞
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from data pointers in the xfAppUpdateWindowFromSurface cache pointing to XImage in the RDP GFX surface buffer...
Missing Release of Memory after Effective Lifetime
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Missing Release of Resource after Effective Lifetime
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Missing Release of Memory after Effective Lifetime
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Missing Release of Memory after Effective Lifetime
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Missing Release of Memory after Effective Lifetime
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Microsoft Windows 后置链接漏洞
Microsoft Windows is an operating system used on personal devices by the American company Microsoft. Microsoft Windows has a post-release vulnerability. Attackers can exploit this vulnerability to gain higher privileges...
ROS-20260128-73-0049
Vulnerability in kernel-lt related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260128-73-0042
Vulnerability in kernel-lt related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
vlt security vulnerabilities
Vlt is a code repository open-sourced by Vlt. Versions of Vlt prior to 1.0.0-rc.10 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the tar path cleanup, which could lead to path traversal during extraction...