205431 matches found
CVE-2026-34926
A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...
CVE-2025-58074
A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...
CVE-2026-43620
A flaw was found in rsync. A malicious rsync server can exploit an out-of-bounds read vulnerability in the recvfiles function. By manipulating compatibility flags and transfer records, the server can cause a connecting client to attempt to read memory outside of allocated bounds. This can lead to...
CVE-2026-29518
A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...
CVE-2026-43619
A flaw was found in rsync. A local attacker with filesystem access on the daemon host can exploit a symlink race vulnerability CWE-367 Time-of-check to time-of-use in rsync daemons configured with 'use chroot = no'. This allows the attacker to redirect path-based system calls, such as chmod,...
CVE-2026-43617
A flaw was found in rsync. When an rsync daemon is configured with "daemon chroot = /X" and uses hostname-based access control lists ACLs, and the chrooted directory /X lacks necessary DNS resolution files, a remote attacker can bypass hostname-based deny rules. This occurs because the daemon...
CVE-2026-43618
A flaw was found in rsync. An authenticated daemon peer can exploit an integer overflow vulnerability in the compressed-token decoder. By carefully manipulating the compressed-token, a malicious sender can trigger an overflow, leading to remote memory disclosure. This allows an attacker to leak...
CVE-2026-48172
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...
CVE-2026-44065
An off-by-two error in lpwrite in papd in Netatalk 2.0.0 through 4.4.2 allows an adjacent network attacker to modify limited data or cause a minor service disruption via crafted print data...
CVE-2026-44058
An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary user via the admin auth user mechanism...
CVE-2026-44066
Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to obtain sensitive information or cause a minor service disruption...
CVE-2026-44064
An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a denial of service via a crafted ASP request...
CVE-2026-44048
A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...
CVE-2026-8469
Allocation of Resources Without Limits or Throttling vulnerability in phenixdigital phoenixstorybook allows unauthenticated denial-of-service via BEAM atom table exhaustion. Multiple LiveView event handlers convert user-supplied event parameter strings to atoms using String.toatom/1 without...
CVE-2026-39405
Frappe Learning Management System LMS is a learning system that helps users structure their content. In versions 2.50.0 and below, a user with course editing role could upload a SCORM ZIP package to write files outside the intended directory. This issue has been resolved in version 2.50.1...
CVE-2026-7860
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
CVE-2026-47068
Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenixstorybook allows cross-session PubSub topic injection via a URL query parameter. 'Elixir.PhoenixStorybook.Story.ComponentIframeLive':handleparams/3 in lib/phoenixstorybook/live/story/componentiframelive.ex read...
CVE-2026-21836
The HCL DominoIQ RAG feature is affected by a Broken Access Control vulnerability. Under certain circumstances, document level access restrictions will be ignored when determining what data to return from an AI query. This could enable an authenticated attacker to view sensitive data...
CVE-2026-22554
MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability...
CVE-2026-8467
Code Injection vulnerability in phenixdigital phoenixstorybook allows unauthenticated remote code execution via unsanitized attribute value interpolation in HEEx template generation. The psb-assign WebSocket event handler in 'Elixir.PhoenixStorybook.Story.PlaygroundPreviewLive':handleevent/3...
CVE-2026-39352
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above...
CVE-2026-23734
XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17 allow access to read configuration files by using URLs such as http://localhost:8080/bin/ssx/Main/WebHome?resource=/../../WEB-INF/xwiki.cfg=false, leading to Path Traversal. The vulnerability i...
CVE-2026-8959
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
CVE-2026-8947
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...
CVE-2026-8968
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...
CVE-2026-8974
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
CVE-2026-8961
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...
CVE-2026-8975
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...
CVE-2026-8970
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...
CVE-2026-8958
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...
CVE-2026-8957
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...
CVE-2026-8956
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...
CVE-2026-8955
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...
CVE-2026-8954
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...
CVE-2026-8953
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...
CVE-2026-8946
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
CVE-2026-8950
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...
CVE-2026-40701
A flaw was found in the ngxhttpsslmodule module of NGINX. When the sslverifyclient directive is set to "on" or "optional" and the sslocsp directive is enabled or its leaf parameters are configured with a resolver, an unauthenticated attacker can send crafted requests to cause a use-after-free iss...
CVE-2026-42934
A flaw was found in the ngxhttpcharsetmodule module of NGINX. When charset, sourcecharset, charsetmap and proxypass with disabled buffering "off" directives are configured, an unauthenticated attacker can send crafted requests and cause a heap-based buffer over-read in the worker process, resulti...
CVE-2026-25244
A flaw was found in WebdriverIO. A remote attacker can exploit a command injection vulnerability by crafting a malicious Git repository with a specially named branch. This branch name, containing shell metacharacters, is unsafely processed during test orchestration. This allows for remote code...
CVE-2026-43499
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
CVE-2026-43498
A flaw was found in the Linux kernel's accel/ivpu module. This vulnerability allows for the re-exporting of imported Graphics Execution Manager GEM buffers. When these buffers are re-exported, it leads to a loss of their original flag settings, which can result in incorrect device access and...
CVE-2026-43497
A flaw was found in the Linux kernel's udlfb driver. This use-after-free vulnerability occurs because the dlfbopsmmap function does not properly track active memory mappings. When the framebuffer is reallocated, existing memory page table entries PTEs are not invalidated. This allows a local...
CVE-2026-43502
A flaw was found in the Linux kernel, specifically within the Remote Direct Memory Access RDMA subsystem's handling of zerocopy send operations. When a zerocopy send fails before the message is attached to the sending socket, the kernel may incorrectly clean up the associated memory. This can lea...
CVE-2026-43501
A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header SRH. This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...
CVE-2026-43496
A flaw was found in the Linux kernel's networking scheduler component. This vulnerability occurs when a specific queueing discipline qdisc configuration is used, where a parent qdisc attempts to retrieve a network packet from a child qdisc. An incorrect function call during this process can lead ...
CVE-2026-43495
A flaw was found in the Linux kernel, specifically within the net: wwan: t7xx module. A malicious modem could exploit this vulnerability by sending a specially crafted message with an invalid portcount value. This could lead to a slab-out-of-bounds read, potentially allowing an attacker to access...
CVE-2026-43494
A flaw was found in the Linux kernel, specifically within the net/rds module. When a zerocopy page pin operation fails, a counter used for memory management opnents is not correctly reset. This can result in a double-free vulnerability, where the same memory is released twice. A local attacker...
CVE-2026-44432
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...
CVE-2026-25243
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...