Test Runner MCP 命令注入漏洞

Test Runner MCP is a multi-framework testing and result-analysis tool for PrivSim individual developers. Version 0.2.0 of Test Runner MCP contains a command injection vulnerability. This vulnerability stems from the use of the childprocess.spawn function in the MCP Interface component, which allo...

SourceCodester Web-based Pharmacy Product Management System 注入漏洞

SourceCodester Web-based Pharmacy Product Management System is an open-source pharmacy product management system developed by SourceCodester. Version 1.0 of the SourceCodester Web-based Pharmacy Product Management System has a SQL injection vulnerability. This vulnerability arises from unknown...

TOTOLINK N300RH 缓冲区错误漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version TOTOLINK N300RH 3.2.4-B20220812 contains a buffer overflow vulnerability. This vulnerability arises from the loginauth function in the Parameter Handler component, where the handling of the Password...

EUVD-2025-209622

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial components...

PT-2026-36809

Name of the Vulnerable Software and Affected Versions Assimp version 6.0.2 Description A remote attacker can cause a denial of service through the MeshGeometry::MeshGeometry function within the FBXMeshGeometry.cpp file. Recommendations At the moment, there is no information about a newer version...

CentOS 9 : krb5-1.21.1-10.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the krb5-1.21.1-10.el9 build changelog. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls...

Linux Distros Unpatched Vulnerability : CVE-2026-7734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid....

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

Astra Linux – Vulnerability in Chromium

The use of “after free” in the Password Manager in Google Chrome before version 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: Medium...

Astra Linux – Vulnerability in Chromium

Before version 141.0.7390.107, using Safe Browsing in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Chromium

Using “after free” in Ozone in Google Chrome before version 145.0.7632.45 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability include Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0....

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Scripting. The supported versions affected by this vulnerability are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Sign-In process in Google Chrome prior to version 1.3.36.351 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page. Chromium security severity: Medium...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Before version 130.0.6723.92, Dawn in Google Chrome allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Critical...

Astra Linux – Vulnerability in Chromium

In the UI framework of Google Chrome, using “after free” before version 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...