4483 matches found
MyBB Timeline Plugin 跨站脚本漏洞
The MyBB Timeline Plugin is a plugin provided by MyBB Corporation that offers dynamic timeline displays and social activity stream functions for MyBB forums. Version 1.0 of the MyBB Timeline Plugin contained a cross-site scripting vulnerability. This vulnerability stemmed from cross-site scriptin...
CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
UBUNTU-CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
CVE-2026-8696
CVE-2026-8696 affects radare2 6.1.5, specifically the GDB client core's gdbr_pids_list() function. The vulnerability is a use-after-free that can be triggered by malformed thread information responses, where qsThreadInfo fails after qfThreadInfo allocates RDebugPid structures. This leads to a dou...
CVE-2026-8696 radare2 6.1.5 Use-After-Free via gdbr_pids_list()
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
EUVD-2026-30635
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
CVE-2026-8696 radare2 6.1.5 Use-After-Free via gdbr_pids_list()
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
CVE-2026-8695
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrthreadslist function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed by a malformed qsThreadInfo response. Attackers can exploit this vulnerability through GDB remote...
DEBIAN-CVE-2026-34253
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...
CVE-2026-34253
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...
Radare2 资源管理错误漏洞
Radare2 is an open-source reverse framework for Unix-based geeks, developed by Radare. Version 6.1.5 of Radare2 contains a resource management vulnerability. This vulnerability stems from the reuse of resources after they are released in the gdbrthreadslist function. It could allow remote attacke...
Radare2 资源管理错误漏洞
Radare2 is an open-source reverse framework for Unix-based geeks, developed by Radare. Version 6.1.5 of Radare2 contains a resource management vulnerability. This vulnerability stems from the use of the gdbrpidslist function in the GDB client core, which allows for double memory deallocation afte...
PT-2026-41323
Name of the Vulnerable Software and Affected Versions radare2 version 6.1.5 Description A use-after-free issue exists in the gdbr threads list function. This occurs when a valid qfThreadInfo response is followed by a malformed qsThreadInfo response, allowing remote attackers to trigger memory...
CVE-2026-34253
CVE-2026-34253 : A buffer underflow in the ogg123 utility (vorbis-tools 1.4.3) affects the function remotethread in remote.c. The vulnerability occurs in the remote control handling when processing malformed input, causing a stack buffer underflow that can crash the application and potentially en...
EUVD-2026-30545
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...
CVE-2026-34253
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...
python: Fix of 4 CVEs
CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection - CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.init via a new validatehost helper to prevent CRLF header injection the glibc...