CVE-2026-3315

CVE-2026-3315 concerns ASSA ABLOY Visionline on Windows, where incorrect default permissions enable configuration/environment manipulation and lead to execution with unnecessary privileges and improper assignment of permissions to a critical resource. Affected versions are Visionline prior to 1.3...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software...

EUVD-2026-10422

flarum/nicknames extension has display name injection in notification emails autolink & markdown...

Siemens SICAM SIAPP SDK has multiple vulnerabilities

The SICAM SIAPP SDK is a specialized toolkit designed to help developers build and simulate application containers that run on Siemens-specific hardware platforms. The Siemens SICAM SIAPP SDK contains multiple vulnerabilities that can be exploited by an attacker to compromise a customer-developed...

Azure MCP Server has Server-Side Request Forgery issue that allows authorized attacker to elevate privileges over a network

Server-Side Request Forgery SSRF in Azure MCP Server allows an authorized attacker to elevate privileges over a network...

编号撤回

“form” is a form state management program developed by TanStack. “R” is a statistical computing software provided by The R Foundation. This CVE number has been withdrawn...

PT-2026-24366

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.1 2471 and earlier Description The DNG SDK is affected by an Integer Overflow or Wraparound issue that may result in application denial-of-service. An attacker could exploit this to cause the application to crash or become...

CVE-2026-26741

PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state after landing and before the automatic disarm triggered by the COMDISARMLAND parameter, the system lacks a thrott...

CVE-2026-26738

Buffer Overflow vulnerability in Uderzo Software SpaceSniffer v.2.0.5.18 allows a remote attacker to execute arbitrary code via a crafted .sns snapshot file...

Siemens SICAM SIAPP SDK 安全漏洞

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK suffers from a command execution vulnerability that can be exploited by attackers to cause command injection and full system cracking...

PT-2026-24365

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.1 2471 and earlier Description The DNG SDK is affected by an out-of-bounds write issue. Successful exploitation could lead to arbitrary code execution with the privileges of the current user. User interaction is needed for...

Intel Processors 输入验证错误漏洞

Intel Processors are a series of processors developed by the American company Intel. Intel Processors have a vulnerability related to input validation, which stems from improper input validation and may lead to privilege escalation. System software attackers with privileged access can potentially...

Adobe DNG SDK 输入验证错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An input validation error vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause a denial of service in an applicatio...

CVE-2026-28493

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerabili...

Eaton Easysoft 安全漏洞

Eaton Easysoft is a programming application used in the industrial field by Eaton, Inc. This software is used for programming Easy controllers and displays. It allows for the editing and visualization of circuit diagrams according to specified formats. Eaton Easysoft has security vulnerabilities;...

Siemens SICAM SIAPP SDK 安全漏洞

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a stack overflow, which can be exploited for code execution and denial of service...

Siemens SICAM SIAPP SDK 安全漏洞

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A denial of service vulnerability exists in the Siemens SICAM SIAPP SDK, which can be exploited by an attacker to cause a stack overflow that can crash the process and lead to a denial of service...

Siemens SICAM SIAPP SDK 缓冲区错误漏洞

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. The Siemens SICAM SIAPP SDK contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service or execute arbitrary code...

Siemens SINEC Security Monitor 安全漏洞

SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production at customer premises. Siemens SINEC Security Monitor suffers from an information disclosure vulnerability that can be exploited by attackers to obtain...

Adobe Substance3D Painter 代码问题漏洞

Adobe Substance3D Painter is a 3D scene-building software developed by Adobe, a company based in America. Versions of Adobe Substance3D Painter 11.1.2 and earlier contained a code vulnerability caused by a null pointer dereferencing, which could lead to a denial-of-service attack...