3228 matches found
CVE-2025-65136
Summary: CVE-2025-65136 affects the Manikandan580 School-management-system 1.0. The vulnerability is a reflected XSS in the admin-facing page /studentms/admin/contact-us.php, exploitable via the pagedes POST parameter. The accompanying data from multiple sources (NVD, EUVD-ENISA, CVE lists, and v...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
DEBIAN-CVE-2026-39856
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
UBUNTU-CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
UBUNTU-CVE-2026-39856
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
CVE-2026-39856
osslsigncode (before 2.13) has an out-of-bounds read in PE page-hash calculation (pe_page_hash_calc) when processing PE sections. The code uses PointerToRawData and SizeOfRawData from section headers without ensuring the referenced region lies within the mapped file, allowing an attacker to craft...
CVE-2026-39856
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
CVE-2026-39856 osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
CVE-2026-39856 osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
CVE-2026-39855
osslsigncode prior to 2.13 contains an integer underflow in the PE page-hash calculation (pe_page_hash_calc). If SizeOfHeaders (hdrsize) > SectionAlignment (pagesize), hdrsize is subtracted from pagesize without validation, producing a large unsigned length. The code allocates a zero-filled bu...
EUVD-2026-20944
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
Linux Distros Unpatched Vulnerability : CVE-2026-39856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of- bounds read vulnerability exists in osslsigncode version...
PT-2026-31647
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pe page hash calc. When processing PE sections for page hashing, the function uses...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006670)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006670 advisory. In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in isexecutablesection The comparison should be = to prevent an out of...
CVE-2026-35176 openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file
openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability...
PT-2026-30711
openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability...
Student-Management-System 代码问题漏洞
Student-Management-System is an open-source student information management system developed by Cyber-III. Versions of Student-Management-System with the code ID 1a938fa61e9f735078e9b291d2e6215b4942af3f and earlier versions have code-related vulnerabilities. These vulnerabilities stem from incorre...
XMLDOM 安全漏洞
XMLDOM is a JavaScript implementation of the W3C DOM for Node developed by jindw. Versions of XMLDOM prior to 0.6.0, 0.8.12, and 0.9.9 contain security vulnerabilities. These vulnerabilities stem from allowing attackers to insert controlled strings into CDATASection nodes, potentially leading to...