78 matches found
ROOT-OS-UBUNTU-2404-CVE-2026-52934 CVE-2026-52934 in rootio-linux - Patched by Root
Root has patched CVE-2026-52934 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
CVE-2026-25782
Gitea versions before 1.25.5 look up tracked-time entries by time ID without scoping the lookup to the issue in the request URL, allowing deletion attempts to target entries from another issue...
CVE-2026-25782
Gitea before 1.25.5 is affected: tracked-time entries are looked up by time ID without confirming the associated issue in the request URL, enabling deletion attempts to affect entries from a different issue. Root cause is improper scoping of the lookup. Impact is potential cross-item deletion of ...
EUVD-2026-41615
Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries...
CVE-2026-20909
The CVE-2026-20909 affects Gitea prior to version 1.25.5, where there are insufficient permission checks when listing tracked time entries. This could allow unauthorized access to time-tracking data via the tracked-time list endpoint due to inadequate authorization enforcement in affected builds....
EUVD-2026-40153
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-13591 DeepMyst Mysti Contact Tracking ChannelBridge.ts _isTrackedConversation improper authorization
A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument channelType causes improper authorization. The attack may be initiated remotely. A...
CVE-2026-8358
A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...
CVE-2026-8358
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...
CVE-2026-8358 Heap buffer overflow in spreadsheet tracked-changes import
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...
EUVD-2026-36740
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...
CVE-2026-8358 Heap buffer overflow in spreadsheet tracked-changes import
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...
CVE-2026-8358
CVE-2026-8358 affects LibreOffice Calc during import of tracked changes. A heap buffer overflow occurs when a document reuses the same change identifier for two different kinds of changes; the importer may treat one change object as a larger type and write past the end of its allocation. The vuln...
CVE-2026-8358
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...
PT-2026-49268
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...
Linux Distros Unpatched Vulnerability : CVE-2026-8358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for tw...
UBUNTU-CVE-2026-10230
A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::readanimations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally...
Malicious code in react-tracked-tony (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeb24dfdd4a970dc44c017056c2a39bed6aa5973a7ec7e94b20c70d90114726c react-tracked-tony impersonates the popular react-tracked package: package.json sets name: react-tracked-tony, author: Daishi Kato, and homepage:...
CVE-2026-29134
creationtimestamp| type| source ---|---|--- 2026-04-02 10:13:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miixupggzk2i 2026-04-16 21:19:51+00:00| seen| Telegram/3Rneua8sJN4acwbkH9WJwYA0S4fbpKs2cDcX7PKNKVaNXM...
[SECURITY] Fedora 43 Update: libopenmpt-0.8.6-1.fc43
libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...