60001 matches found
JLSEC-2026-460 An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font...
An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
Exploit for CVE-2026-40003
CVE-2026-40003 aka Joselito is arbitrary memory write vulnerabil...
CVE-2026-41589
Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...
Chromium: CVE-2026-7899 Out of bounds read and write in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-7957 Out of bounds write in Media
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-7951 Out of bounds write in WebRTC
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-41589 Wish has SCP Path Traversal that allows arbitrary file read/write
Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...
CVE-2026-41589 Wish has SCP Path Traversal that allows arbitrary file read/write
Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...
CVE-2026-41589
CVE-2026-41589 concerns the SCP path traversal in charm.land/wish/v2, affecting Wish SSH server middleware. From version 2.0.0 up to 2.0.1 (before patch), the SCP file system handler can be tricked by crafted filenames containing ../ sequences, allowing a malicious SCP client to read arbitrary se...
EUVD-2026-28370
Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server,...
CVE-2026-33588 Arbitrary File Write Through Path Traversal
Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal...
CVE-2026-33588
Open Notebook v1.8.3 contains a path traversal flaw in its file upload feature that allows arbitrary file writes on the docker container due to insufficient input validation. An attacker with local access and no privileges can craft input to create or modify files. CVSSv4.0 metrics from ENISA yie...
CVE-2026-33588 Arbitrary File Write Through Path Traversal
Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal...
CLSA-2026-1778147239 exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
EUVD-2026-28327
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...
Prometheus Azure AD remote write OAuth client secret exposed via config API
...
throttlestop-poc
throttlestop-poc This is a simple Proof-of-Concept that abuses...
CVE-2026-4430
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...
CVE-2026-4430
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...
CVE-2026-4430
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...