67 matches found
CVE-2026-34319
Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...
CVE-2026-6765
Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
CVE-2026-23648
Glory RBG-100 recycler systems running ISPK-08 are affected by overly permissive file permissions in multiple system binaries, where binaries executed by root are writable and executable by unprivileged local users. An attacker with local access could replace or modify these binaries to run arbit...
kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails
A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...
CVE-2025-24314
Intel CIP software prior to WIN_DCA_2.4.0.11001 has an improper access control in Ring 3 User Applications that may allow information disclosure. An unprivileged attacker with a privileged user and high-complexity conditions could exploit this via network access with no user interaction, potentia...
MAL-2025-49442 Malicious code in supermoy1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9475a55afb09c763931156dd64975c5355f86c204b58b0983dcecdc6fed4cb3a The package supermoy1 was found to contain malicious code...
EUVD-2021-27174
Malware in sbrugna...
EUVD-2023-1777
Malicious code in bioql PyPI...
EUVD-2022-40860
Malicious code in bioql PyPI...
MAL-2025-35820 Malicious code in test-mlw2-mucro-scala (npm)
The package test-mlw2-mucro-scala was found to contain malicious code...
go-pg SQL injection vulnerability via the component /types/append_value.go
go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/appendvalue.go...
HumanSignal label-studio-ml-backend Deserialization of Untrusted Data vulnerability
A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/labelstudioml/examples/yolo/utils/neuralnets.py of the...
MAL-2025-4168 Malicious code in cloud-pipeline-run (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2025-2360
A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization. The attack can be...
CVE-2025-21825
In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpftimer through kworker for PREEMPTRT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket lock...
MAL-2025-1872 Malicious code in linkedin-internal (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1787 Malicious code in dropbox-internal (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2022-46945
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php...
CVE-2024-57723
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component compositionsourceover...