209 matches found
OpenClaw's hook transform module path allows traversal and arbitrary JavaScript module loading
Summary OpenClaw hook mapping transforms could be loaded via absolute paths or .. traversal, allowing arbitrary JavaScript module loading/execution in the gateway process when an attacker can modify hooks configuration. Affected Versions - Affected: = 2.0.0-beta3 and = 2026.2.13 - Fixed: 2026.2.1...
CVE-2026-2662
A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function counttransforms of the file src/lilyemitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could ...
CVE-2026-2662
A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function counttransforms of the file src/lilyemitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could ...
CVE-2026-2662
A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function counttransforms of the file src/lilyemitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could ...
CVE-2026-2662
CVE-2026-2662 affects FascinatedBox Lily up to version 2.3. The vulnerability is in function count_transforms of src/lily_emitter.c, where manipulation leads to an out-of-bounds read. Exploitation is local, and public PoC/ exploit material exists. Reports indicate the project was informed via iss...
CVE-2026-2662 FascinatedBox lily lily_emitter.c count_transforms out-of-bounds
A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function counttransforms of the file src/lilyemitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could ...
PT-2026-20486
A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the function count transforms of the file src/lily emitter.c. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and coul...
lily 缓冲区错误漏洞
Lily is a programming language developed by FascinatedBox’s individual developers. Versions of Lily prior to 2.3 contained a buffer error vulnerability. This vulnerability stems from an out-of-bounds read in the counttransforms function located in the src/lilyemitter.c file, which could lead to...
Exploit for Use After Free in Mozilla Firefox
CVE-2025-14321 Proof of Concept - Probado en Mozilla Firefox...
A High-Performance Fractal Encryption Framework and Modern Innovations for Secure Image Transmission
The current digital era, driven by growing threats to data security, requires a robust image encryption technique. Classical encryption algorithms suffer from a trade-off among security, image fidelity, and computational efficiency. This paper aims to enhance the performance and efficiency of ima...
MiracleLinux 9 : thunderbird-91.12.0-1.el9.ML.1 (AXSA:2022-4047:20)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4047:20 advisory. Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 CVE-2022-2505 Mozilla: Directory indexes for bundled resources reflected URL parameters...
Fedora 41 : webkitgtk (2025-04c193ecfe)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-04c193ecfe advisory. Update to WebKitGTK 2.50.1: Improve text rendering performance. Fix audio playback broken on instagram. Fix rendering of layers with fractional transforms. F...
Linux Distros Unpatched Vulnerability : CVE-2025-59149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules usi...
EUVD-2007-4272
Malware in sbrugna...
EUVD-2012-4007
Malware in sbrugna...
EUVD-2012-2873
Malware in sbrugna...
EUVD-2021-1569
Malware in sbrugna...
EUVD-2012-2851
Malware in sbrugna...
EUVD-2017-14481
Malware in sbrugna...
EUVD-2022-27898
Malicious code in bioql PyPI...