3698 matches found
EUVD-2026-25697
A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the component HTTP Header Handler. Such manipulation of the argument X-DEBUG-RUN/X-DEBUG-INJ leads to improp...
CVE-2026-6992 Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection
A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...
CVE-2026-42171
NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...
CVE-2026-41414
Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...
CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml
Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...
VulnCheck KEV: CVE-2025-69985
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...
GHSA-34R5-6J7W-235F Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...
EUVD-2018-21787
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...
CVE-2018-25271
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...
CVE-2018-25271
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...
CVE-2018-25271 Textpad 8.1.2 Denial of Service via Run Command
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...
CVE-2018-25271
CVE-2018-25271 affects TextPad 8.1.2. The vulnerability stems from a buffer overflow in the Run command interface, where an excessively long input (a ~5000-byte payload) pasted into the Tools > Run Command field can crash the application. Impact is a local Denial of Service with the attacker n...
CVE-2018-25271 Textpad 8.1.2 Denial of Service via Run Command
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013500)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013500 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedre...
PT-2026-34467
Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...
Textpad 缓冲区错误漏洞
Textpad is a lightweight text editor developed by Textpad Inc. Version 8.1.2 of Textpad contains a buffer overflow vulnerability. This vulnerability stems from a denial-of-service vulnerability, which could allow local attackers to cause the application to crash by providing an overly long buffer...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013647)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013647 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013662)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013662 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for data run offset. We should make su...
CVE-2026-40161
Summary: Tekton Pipelines before 1.10.0, specifically the git resolver in API mode, can exfiltrate system-configured Git tokens when the token parameter is omitted. Affected software: Tekton Pipelines git resolver (API mode), versions 1.0.0–1.10.0. Vulnerability details: In API mode, the resolver...
BIT-AIRFLOW-2026-30898 Apache Airflow: Bad example of BashOperator shell injection via dag_run.conf
An example of BashOperator in Airflow documentation suggested a way of passing dagrun.conf in the way that could cause unsanitized user input to be used to escalate privileges of UI user to allow execute code on worker. Users should review if any of their own DAGs have adopted this incorrect advi...