60404 matches found
CVE-2026-24068
The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can...
CVE-2026-24068
The CVE-2026-24068 issue affects Vienna Assistant (MacOS) via the VSL privileged helper that uses NSXPC for IPC. The core problem is that shouldAcceptNewConnection does not validate clients, allowing any process to connect and invoke HelperToolProtocol functions, notably writeReceiptFile and runU...
CVE-2026-24068 Missing XPC Client & NSXPC endpoint validation leads to privilege escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library
The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can...
CVE-2026-24068
The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can...
CVE-2026-34085
A flaw was found in fontconfig. This vulnerability, an off-by-one error in how fontconfig handles font capabilities, could allow a local attacker to cause a one-byte out-of-bounds write. This issue may lead to a system crash, resulting in a Denial of Service DoS, or potentially enable the attacke...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via FileHandle.chmod or FileHandle.chown functions which can use a "read-only" file descriptor to change the owner and permissions of a file. Notes: - This is only exploitable for users using the experimental...
net: annotate data-races around sk->sk_{data_ready,write_space}
...
bpf: Fix stack-out-of-bounds write in devmap
...
wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()
...
EUVD-2026-16096
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges...
CVE-2026-33201
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges...
SUSE CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
Canva Affinity Out-of-Bounds Write Vulnerability
Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code using a specially crafted EMF file...
PT-2026-28337
Name of the Vulnerable Software and Affected Versions Vienna Assistant affected versions not specified Description The Vienna Assistant privileged helper utilizes NSXPC for Inter-Process Communication IPC. The implementation of the shouldAcceptNewConnection function, used by the NSXPC framework t...
SUSE SLES15 Security Update : kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0997-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0997-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: ...
GREEN HOUSE Digital Photo Frame 安全漏洞
GREEN HOUSE Digital Photo Frame is an electronic photo frame device produced by the Japanese company GREEN HOUSE. The GREEN HOUSE Digital Photo Frame GH-WDF10A has a security vulnerability. This vulnerability stems from active debugging code, which may allow reading or writing file configurations...
Incus 安全漏洞
Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the pongo2 template in instance template files, which bypassed the chroot isolation mechanism, potentially allowing...
PT-2026-28360
Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack. Before version 2026.02.0, the ISO15118 chargerImpl::handle session setup function copies a variable-length payment options list into a fixed-size array o...
godoxy 路径遍历漏洞
Godoxy is a lightweight reverse proxy tool developed by Yuzerion’s individual developers. Versions of Godoxy prior to 0.27.5 contained a path traversal vulnerability. This vulnerability stemmed from the file content API endpoint’s lack of protection against path traversal, potentially allowing...
Zoraxy 路径遍历漏洞
Zoraxy is a general-purpose HTTP reverse proxy and forwarding tool developed by Toby Chui. Versions of Zoraxy prior to 3.3.2 contained a path traversal vulnerability. This vulnerability stemmed from the configuration import endpoint allowing authenticated path traversal, which could lead to...