21 matches found
CVE-2026-8560
Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
PT-2026-35077
Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.4.3 Description An off-by-one out-of-bounds read exists in the ReadPropertyMultiple service decoder. Unauthenticated remote attackers can read one byte past an allocated buffer boundary by sending a crafted RPM...
BACnet Stack 缓冲区错误漏洞
BACnet Stack is an open-source protocol stack for BACnet, designed to work on embedded systems, Linux, MacOS, BSD, and Windows. Versions prior to BACnet Stack 1.4.3 contained a buffer error vulnerability. This vulnerability stems from a out-of-bounds read vulnerability in the ReadPropertyMultiple...
DEBIAN-CVE-2026-4440
Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-25766 Echo has a Windows path traversal via backslash in middleware.Static default filesystem
Echo is a Go web framework. In versions 5.0.0 through 5.0.2 on Windows, Echo’s middleware.Static using the default filesystem allows path traversal via backslashes, enabling unauthenticated remote file read outside the static root. In middleware/static.go, the requested path is unescaped and...
Echo has a Windows path traversal via backslash in middleware.Static default filesystem
Summary On Windows, Echo’s middleware.Static using the default filesystem allows path traversal via backslashes, enabling unauthenticated remote file read outside the static root. Details In middleware/static.go, the requested path is unescaped and normalized with path.Clean URL semantics...
USN-7358-1 postgresql-9.5 vulnerabilities
Wolfgang Walther discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform forbidden reads and modifications. CVE-2024-10976 Jacob Champion discovered that PostgreSQL clients used untrusted server error messages. An attacke...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
Google Chrome 后置链接漏洞
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 75.0.3770.80, which stems from an improper implementation in the operating system and allows remote attackers to perform arbitrary reads or writes via a...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from incorrect boundary checking, which may result in out-of-bounds reads, which could lead to remote information leaks...
SUSE CVE-2008-1834
swfdecloadobject.c in Swfdec before 0.6.4 does not properly restrict local file access from untrusted sandboxes, which allows remote attackers to read arbitrary files via a crafted Flash file...
OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136)
Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...
undertow: AJP File Read/Inclusion Vulnerability
A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...
ONKYO Onkyo TX-NR585 Information Disclosure Vulnerability
The ONKYO Onkyo TX-NR585 is a home audio/video receiver from ONKYO Japan. A security vulnerability exists in the ONKYO Onkyo TX-NR585 using firmware version 1000-0000-000-0008-0000. The vulnerability can be exploited by a remote attacker to read sensitive files with the help of the...
CVE-2018-0329
A vulnerability in the default configuration of the Simple Network Management Protocol SNMP feature of Cisco Wide Area Application Services WAAS Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to a hard-coded,...
OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
NEC EXPRESSCLUSTER X-1 on Linux Solaris Directory Traversal Vulnerability
NEC EXPRESSCLUSTER X on Windows, Linux, and Solaris is a suite of clustering software dual hot standby software from Nippon Electric Company NEC for Windows, Linux, and Solaris platforms. The software provides features such as shared disk arrays, automatic error detection and notification, and...
Multiple IBM Products Information Disclosure Vulnerabilities (CNVD-2015-06512)
IBM Maximo Asset Management is a suite of IT asset management solutions from IBM USA. An information disclosure vulnerability exists in multiple IBM products, allowing an authenticated remote user to obtain sensitive information by reading backed up or debugged application files...
SysAid On-Premise Absolute Path Traversal Vulnerability
SysAid On-Premise is a data delivery software that supports on-premise storage of enterprise data in a suite of Web-based IT service management solutions from the U.S. company SysAid. An absolute path traversal vulnerability exists in SysAid On-Premise versions prior to 14.4.2 that allows remote...
CVE-2009-2151
Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote attackers to read arbitrary files via a .. dot dot in the newlang parameter...