238 matches found
CVE-2026-45305
Unknown description...
CVE-2026-46627
Unknown description...
CVE-2026-47732
Unknown description...
CVE-2026-45755
Unknown description...
CVE-2026-45069
Unknown description...
CVE-2026-45753
Unknown description...
UBUNTU-CVE-2026-45073
Unknown description...
CVE-2026-45304
Unknown description...
CVE-2026-45664
Unknown description...
CVE-2026-46638
Unknown description...
CVE-2026-45070
Unknown description...
CVE-2026-44230
Unknown description...
CVE-2026-46693
Unknown description...
PT-2026-45158
Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description SandboxNodeVisitor fails to fully enforce SecurityPolicy::checkMethodAllowed for implicit toString calls because the set of wrapped AST nodes in CheckToStringNode is incomplete. This allows a...
CVE-2026-46529
PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen...
CVE-2025-54518
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation...
PT-2026-45007
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.480 Description The software constructs all or part of a code segment using externally-influenced input from an upstream component without properly neutralizing special elements. This can modify the syntax or behavior...
CVE-2026-42304
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending...
CVE-2026-42934
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...
CVE-2026-42926
When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...