Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Astra Linux – Vulnerability in binutils

A vulnerability has been discovered in GNU Binutils 2.43 and is classified as problematic. The vulnerability affects the function sanitizer::internalstrlen in the file binutils/nm.c of the nm component. Manipulation of the const argument leads to a buffer overflow. The attack can be launched...

Astra Linux – Vulnerability in Chromium

Before version 141.0.7390.107, using Safe Browsing in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

MiracleLinux 7 : binutils-2.27-44.0.1.base.el7.1.AXS7 (AXSA:2025-9812:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9812:01 advisory. - CVE-2025-0840: fix stack-buffer-overflow at objdump disassemblebytes CVEs: CVE-2025-0840 A vulnerability, which was classified as problematic, was found in...

CVE-2026-22781 TinyWeb CGI Command Injection

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. TinyWeb HTTP Server before version 1.98 is vulnerable to OS command injection via CGI ISINDEX-style query parameters. The query parameters are passed as command-line arguments to the CGI executable via Windows CreateProcess. An...

CVE-2025-46066

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges...

Automai Director 安全漏洞

Automai Director is a centralized automation management console from Automai Corporation. A security vulnerability exists in Automai Director version 25.2.0, which can be exploited by a remote attacker to elevate privileges and gain access to sensitive information via a specially crafted js file...

CVE-2025-46066

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges...

PT-2026-2044

Name of the Vulnerable Software and Affected Versions Merit LILIN DVR/NVR models affected versions not specified Merit Lilin DH032 affected versions not specified Description An authenticated remote attacker can inject arbitrary OS commands on Merit LILIN DVR/NVR devices and execute them. This is...

ROS-20260112-7366

A vulnerability in the f2fs component of the Linux operating system kernel involves improper error handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2026-0840

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploi...

CVE-2026-0840 UTT 进取 520W formConfigNoticeConfig strcpy buffer overflow

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploi...

CVE-2026-0839

CVE-2026-0839 affects UTT 进取 520W (firmware 1.7.7-180627). The vulnerability is a buffer overflow in the strcpy operation of the file /goform/APSecurity, exploitable via manipulation of the wepkey1 argument. Reported as exploitable from remote, with public exploit available. Affected component is...

CVE-2026-0839 UTT 进取 520W APSecurity strcpy buffer overflow

A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-0837

A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor...

PT-2026-2035

Name of the Vulnerable Software and Affected Versions UTT 进取 520W version 1.7.7-180627 Description A flaw exists in the strcpy function within the /goform/APSecurity file. Manipulation of the wepkey1 argument can lead to a buffer overflow, potentially allowing for remote attacks. The exploit has...

CVE-2026-0821

A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function jstypedarrayconstructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...

CVE-2025-15493

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-15493

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit h...