13 matches found
CVE-2026-5185
A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...
CVE-2026-0861
Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...
CVE-2026-0861
Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...
PT-2025-52514
Name of the Vulnerable Software and Affected Versions Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 Description An HTML injection issue exists in Esri ArcGIS Web AppBuilder developer edition that could allow a remote, unauthenticated attacker to cause arbitrary HTML to rende...
Jenkins Plugin Active Directory 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
glibc: Multiple vulnerabilities
Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...
GNU Binutils debug.c File Denial of Service Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...
Buffalo WZR-1750DHP2 Arbitrary Code Execution Vulnerability
The Buffalo WZR-1750DHP2 is a router product from the Buffalo Group of Japan. A security vulnerability exists in the Buffalo WZR-1750DHP2 version 2.30 and earlier. An attacker can exploit the vulnerability to bypass authentication and execute arbitrary commands...
GNU Binutils Denial of Service Vulnerability (CNVD-2018-08466)
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...
JVN#96155055: PerlTreeBBS vulnerable to cross-site scripting
PerlTreeBBS from Homepage Decorator is a tree-structured bulletin board software. PerlTreeBBS contains a persistent cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according ...
Debian: Security Advisory (DSA-624-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] gaim updated again
A couple of bugs were found in the gaim 0.82 release, and gaim-0.82.1 was released to fix them. In addition, gaim-encryption-2.29 did not work with gaim-0.82 due to changes in the header files, so the gaim-encryption plugin has also been updated to gaim-encryption-2.30. Here are the details from...
DLINK 614+, script injection vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: Security flaw in DLINK 614+ - SOHO routers http://www.dlink.com TYPE: Script injection over DHCP QUOTE from DLINK: The AirPlus DI-614+ combines the latest advancements in 802.11b silicon chip design from Texas Instruments, utilizing their...