Aggregator

Неизвестный ранее материал выдержал контакт с расплавленным грунтом и может заменить дорогую платину.

A vulnerability categorized as problematic has been discovered in benoitc hackney up to 4.0.0. This impacts an unknown function of the file src/hackney_url.erl of the component URL Parser. Executing a manipulation can lead to allocation of resources. This vulnerability is handled as CVE-2026-47067. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in benoitc hackney up to 4.0.0. Affected is an unknown function of the file src/hackney_ws.erl. The manipulation of the argument frag_buffer leads to resource consumption. This vulnerability is uniquely identified as CVE-2026-47073. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability identified as problematic has been detected in benoitc hackney up to 4.0.0. This affects an unknown part of the file src/hackney_ws.erl of the component URL Handler. This manipulation causes crlf injection. This vulnerability is handled as CVE-2026-47072. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability classified as critical was found in Agatasoft Auto PingMaster 1.5. Affected by this issue is some unknown functionality. Such manipulation leads to stack-based buffer overflow. This vulnerability is listed as CVE-2018-25360. The attack must be carried out locally. In addition, an exploit is available.

A vulnerability, which was classified as critical, was found in Splinterware System Scheduler Pro 5.12. This vulnerability affects unknown code of the file WService.exe. Executing a manipulation can lead to incorrect default permissions. This vulnerability is registered as CVE-2018-25359. The attack needs to be launched locally. Furthermore, an exploit is available.

A vulnerability categorized as critical has been discovered in Soroush IM Desktop App 0.17.0. This issue affects some unknown processing. Such manipulation leads to authentication bypass by spoofing. This vulnerability is traded as CVE-2018-25361. An attack has to be approached locally. Furthermore, there is an exploit available.

A vulnerability identified as problematic has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRST_NAME results in cross site scripting. This vulnerability is identified as CVE-2026-9471. The attack can be initiated remotely. Additionally, an exploit exists. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability labeled as critical has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download_markdown/list_downloaded_files/create_subdirectory of the file src/index.ts. Executing a manipulation can lead to path traversal. This vulnerability is tracked as CVE-2026-9472. The attack can be launched remotely. Moreover, an exploit is present. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability labeled as critical has been found in Fyffe PHP-Twitter-Clone 1.0. This affects an unknown function of the file follow.php. Executing a manipulation of the argument userid can lead to sql injection. The identification of this vulnerability is CVE-2018-25362. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability marked as critical has been reported in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. This vulnerability is listed as CVE-2026-9473. The attack may be initiated remotely. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability classified as problematic has been found in jqlang jq up to 1.8.1. Impacted is an unknown function. Performing a manipulation results in improper input validation. This vulnerability is reported as CVE-2026-43895. The attack requires a local approach. No exploit exists.

A vulnerability classified as problematic was found in jqlang jq up to 1.8.1. The affected element is the function jv_object_merge_recursive. Executing a manipulation can lead to uncontrolled recursion. This vulnerability appears as CVE-2026-43896. The attack requires local access. There is no available exploit.

A vulnerability described as problematic has been identified in jqlang jq up to 1.8.1. The impacted element is an unknown function. Executing a manipulation can lead to integer overflow. This vulnerability is registered as CVE-2026-41257. The attack needs to be launched locally. No exploit is available.

A vulnerability, which was classified as problematic, has been found in jqlang jq up to 1.8.2rc1. This affects an unknown part of the component Ordinary Module Loader. Performing a manipulation results in uncontrolled recursion. This vulnerability is reported as CVE-2026-44777. The attack requires a local approach. No exploit exists.

A vulnerability marked as problematic has been reported in jqlang jq up to 1.8.1. The affected element is an unknown function of the component JSON Parser. Performing a manipulation results in improper neutralization of null byte or nul character. This vulnerability is cataloged as CVE-2026-41256. The attack must be initiated from a local position. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in gnupg Libgcrypt up to 1.10.3/1.11.2/1.12.1 and classified as critical. Affected by this issue is the function gcry_pk_decrypt of the component ECDH Handler. The manipulation results in out-of-bounds write. This vulnerability was named CVE-2026-41989. The attack needs to be approached locally. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability classified as problematic has been found in HAProxy up to 3.3.5. This vulnerability affects unknown code of the component HTTP3 Parser. Performing a manipulation results in improper handling of length parameter inconsistency. This vulnerability is known as CVE-2026-33555. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in Prusa PrusaSlicer up to 2.6.1. It has been classified as critical. Affected is an unknown function of the file libslic3r/GCode/PostProcessor.cpp of the component Project File Handler. Performing a manipulation results in Remote Code Execution. This vulnerability is identified as CVE-2023-47268. The attack can be initiated remotely. There is not any exploit available.