41223 matches found
GHSA-3H63-FX68-X5FM omec-project amf crashes when processing malformed LocationReports
A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...
EUVD-2026-29345
A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...
CVE-2026-8349
A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...
ROS-20260512-73-0004
Vulnerability in python-PyPDF2 related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient trustworthiness in Skia’s input validation mechanisms, which could allow remote attackers t...
Google Chrome 竞争条件问题漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a race condition vulnerability, which originated from a race condition issue in the Payments component. This vulnerability could allow remote attackers to exploit the system by usin...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from incorrect security UI in the Downloads component, which could allow remote attackers to execute UI spoofing through a...
PT-2026-40453
Name of the Vulnerable Software and Affected Versions Linux ksmbd affected versions not specified Description A remote memory corruption issue exists in the ACL inheritance path. Remote clients with directory creation permissions can trigger a heap out-of-bounds read and subsequent heap corruptio...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds write operations in the Media component, which could allow remote attackers with compromised rendering...
PT-2026-40284
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...
CVE-2026-8349 omec-project amf NGAP Message memory corruption
A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This patch is called...
CVE-2026-8349
CVE-2026-8349 affects the omec-project amf up to 2.1.1, specifically the NGAP Message Handler. A remote manipulation can cause memory corruption. An exploit has been published; a patch is available (hash: 8a4c33cdda866094f1989bdeff6d8642fce8de8435f89defd66831c97715f5aa). Remediation: apply the pa...
CVE-2026-8346
The CVE-2026-8346 entry concerns D-Link DIR-816 devices (firmware 1.10CNB05_R1B011D88210/variants) where the portForward function is vulnerable. A flaw in handling the ip_address argument enables remote command injection, with reported public exploits. The affected component is the portForward lo...
CVE-2026-8346 D-Link DIR-816 portForward command injection
A vulnerability was detected in D-Link DIR-816 1.10CNB05R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ipaddress results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...
CVE-2026-8346 D-Link DIR-816 portForward command injection
A vulnerability was detected in D-Link DIR-816 1.10CNB05R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ipaddress results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...
CVE-2026-8345
The vulnerability CVE-2026-8345 affects D-Link DIR-816 devices (firmware version 1.10CNB05_R1B011D88210). The issue resides in function sub_445E7C of /goform/singlePortForward, where manipulating the ip_address argument enables command injection. Exploitation can be performed remotely. The public...
CVE-2026-8345 D-Link DIR-816 singlePortForward sub_445E7C command injection
A security vulnerability has been detected in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this issue is the function sub445E7C of the file /goform/singlePortForward. Such manipulation of the argument ipaddress leads to command injection. It is possible to launch the attack remotely. The...
EUVD-2026-29201
A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toctransformer of the file pageindex/pageindex.py of the component PDF Table of Contents Handler. The manipulation results in infinite loop. Th...
CVE-2026-8344 D-Link DIR-816 formDMZ.cgi sub_445E7C command injection
A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...
CVE-2026-8344
A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...