Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in tapriochange In 'tapriochange', 'admin' pointer may become dangling due to sched switch / removal caused by 'advancesched', and critical section protected by 'q-currententrylock' is too small to...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fixed the mpolnew leak in sharedpolicyreplace. If mpolnew is allocated but not used during the restart loop, mpolnew will be freed via mpolput before returning to the caller. However, refcnt has not been initialized...

Astra Linux - уязвимость в imagemagick

Due to a missing check for the 0 value of replaceextent, it is possible for the offset p to overflow in SubstituteString, potentially affecting application availability. This issue can be triggered by an input file crafted with ImageMagick. The flaw affects ImageMagick versions prior to 7.0.8-68...

CVE-2026-7086

A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The...

CVE-2018-25290

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

CVE-2018-25290 Easyboot 6.6.0 Buffer Overflow Denial of Service

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

CVE-2018-25290 Easyboot 6.6.0 Buffer Overflow Denial of Service

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

EUVD-2018-21810

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

CVE-2018-25290

CVE-2018-25290 affects Easyboot 6.6.0. A buffer overflow in the Replace Text function can be triggered by pasting a 7000-byte payload into the text fields via File > Tools > Replace Text, allowing local attackers to crash the application and cause a denial of service. The vulnerability requ...

CVE-2018-25290

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

EZB Systems Easyboot 安全漏洞

EZB Systems Easyboot is a tool developed by EZB Systems that simplifies the process of creating boot discs for Linux systems and installing operating systems. Version 6.6.0 of EZB Systems Easyboot contains a security vulnerability. This vulnerability stems from a buffer overflow in the Replace Te...

PT-2026-35260

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File Tools Replace Text and pasting a 7000-byte payload into the text...

CVE-2026-31640

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpcpostresponse, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...

PT-2026-34992

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc post response, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...

CLSA-2026-1776948287 vim: Fix of CVE-2022-3234

CVE-2022-3234 fix heap buffer overflow in opreplace when replacing NUL after Tab in virtualedit mode...

CLSA-2026-1776947567 vim: Fix of CVE-2022-3234

CVE-2022-3234 fix heap buffer overflow in opreplace when replacing NUL after Tab in virtualedit mode...

OSV-2026-610 Memcpy-param-overlap in htx_replace_blk_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504612570 Crash type: Memcpy-param-overlap Crash state: htxreplaceblkvalue httpreplaceheadervalue httpschemebasednormalize...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013675)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013675 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007454 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: clsu32: Undo tcfbindfilter if u32replacehwknode When u32replacehwknode fails, we need...

WordPress Better Find and Replace - AI-Powered Suggestions plugin <= 1.7.9 - Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Image Title vulnerability

WordPress Better Find and Replace - AI-Powered Suggestions plugin = 1.7.9 - Authenticated Author+ Stored Cross-Site Scripting via Uploaded Image Title vulnerability discovered by kai63001 in WordPress Plugin Better Find and Replace versions = 1.7.9...