8159 matches found
Potential out-of-bounds write via public `Context` fields
The Context struct has all fields public pub dlen, pub digest, etc.. Code from other modules within the same crate can directly modify dlen to a value exceeding the digest vector length. When reset is subsequently called, self.digestself.dlen as usize = 0 becomes an out-of-bounds write. Withdrawa...
CVE-2026-31771
A flaw was found in the Linux kernel's Bluetooth subsystem. A remote attacker could exploit a missing bounds check by sending a specially crafted, short Bluetooth Host Controller Interface HCI event frame. This could lead to a buffer overflow, potentially allowing the attacker to cause a denial o...
CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...
CVE-2026-37525
AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-;context, NULL before...
Fedora 43 : emacs (2026-290753da75)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-290753da75 advisory. Fix CVE-2026-6861: memory corruption vulnerability when processing SVG CSS. Tenable has extracted the preceding description block directly from the Fedora...
Fedora 44 : emacs (2026-49b8ca7981)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49b8ca7981 advisory. Fix CVE-2026-6861: memory corruption vulnerability when processing SVG CSS. Tenable has extracted the preceding description block directly from the Fedora...
DEBIAN-CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
UBUNTU-CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576 Possible QML code injection in VectorImage component
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576
CVE-2025-14576 affects Qt’s SVG module (VectorImage in Qt Quick). The root cause is insufficient validation of node IDs, enabling arbitrary QML/JavaScript code injection when loading malicious SVG files. The NVD entry notes local attack vector with no privileges required and passive user interact...
CVE-2025-14576
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
CVE-2025-14576 Possible QML code injection in VectorImage component
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
Agent389
Agent389 Agent389 is a professional, high-fidelity LDAP inje...
PT-2026-36093
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...
A Comparative Analysis of Machine Learning Models for Intrusion Detection in Intelligent Transport Systems
AI-powered edge computing security is moving Intelligent Transportation Systems ITS from passive, rule-based protections to proactive, smart, zero-touch, self-sufficient safeguards that neutralize threats in milliseconds. As transportation becomes more connected with edge computing, massive IoT,...
CVE-2018-25305 librsvg2-bin 2.40.13 Buffer Overflow via Malformed SVG
librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...
CVE-2026-26015
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the "MCP test" behavior to achieve arbitrary remote code execution RCE...
EUVD-2026-26278
AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation, allowing attackers to bypass trust-boundary enforcement on sensitive operations. Attackers can exploit this content-type validation...
Emacs: emacs: memory corruption vulnerability when processing svg css
...