11129 matches found
CVE-2026-10231
A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...
CVE-2026-10231
A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...
CVE-2026-10231 Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp extract_anim_value heap-based overflow
A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...
CVE-2026-10231
CVE-2026-10231 affects Assimp up to 6.0.4, specifically the HL1MDLLoader.cpp function HL1MDLLoader::extract_anim_value. A heap-based buffer overflow is triggered by manipulating the num.total argument. The attack requires local access, and public PoC/exploit material exists. The description does ...
RLSA-2026:22142 Important: php:8.3 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...
php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>
A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...
php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>
A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...
Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple
CVE-2019-9053 — Unauthenticated SQL Injection in CMS Made Simp...
OSV-2026-828 Use-of-uninitialized-value in ReadContainer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517870853 Crash type: Use-of-uninitialized-value Crash state: ReadContainer PKImageDecodeInitializeWMP PKCodecFactoryCreateDecoderFromFile...
PT-2026-48348
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517870853 Crash type: Use-of-uninitialized-value Crash state: ReadContainer PKImageDecode Initialize WMP PKCodecFactory CreateDecoderFromFile...
EUVD-2026-33359
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings...
CVE-2026-5386 KMW CCTV Security Cameras Unverified Password Change
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without authentication, granting full access to the camera feeds and settings...
CVE-2026-5386
CVE-2026-5386 concerns KMW CCTV Security Cameras with a critical unauthenticated password reset that lets an attacker remotely reset the administrator password to a known value, granting full access to feeds and settings. The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) yields a base sc...
CVE-2026-40528
OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...
CVE-2026-40528 OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c
OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...
CVE-2026-40528 OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c
OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...
CVE-2026-40528
OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...
drm/amdgpu: Add bounds checking to ib_{get,set}_value
...
SUSE CVE-2026-46218
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...
[SECURITY] Fedora 44 Update: openbao-2.5.4-1.fc44
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...