Aggregator

Submit #807202 / VDB-360923

Submit #807201 / VDB-360922

A vulnerability categorized as problematic has been discovered in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument track_id leads to denial of service. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2026-7740. An attack has to be approached locally. Furthermore, there is an exploit available.

Submit #807693 / VDB-360921

A vulnerability was found in justdan96 tsMuxer up to 2.7.0. It has been rated as problematic. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxer_prev/tsMuxer/hevc.cpp. This manipulation of the argument track_id causes denial of service. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability appears as CVE-2026-7739. The attack requires local access. In addition, an exploit is available.

A vulnerability identified as critical has been detected in tsMuxer 2.6.16. This affects the function HevcSpsUnit::short_term_ref_pic_set of the file hevc.cpp. This manipulation causes heap-based buffer overflow. This vulnerability is registered as CVE-2021-35346. The attack requires access to the local network. No exploit is available. Applying a patch is the recommended action to fix this issue.

Currently trending CVE - Hype Score: 1 - IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations ...

Currently trending CVE - Hype Score: 1 - IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources.

Currently trending CVE - Hype Score: 1 - ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.

Submit #807697 / VDB-360920

Submit #807696 / VDB-360919

Submit #807695 / VDB-360918

Submit #807694 / VDB-360917

Submit #807692 / VDB-360916

Submit #807651 / VDB-360915

Submit #807650 / VDB-212561

Submit #807649 / VDB-194035

Submit #807648 / VDB-194035

Submit #807647 / VDB-360914

Microsoft Defender triggered widespread false positive alerts after a faulty security update caused it to flag two legitimate DigiCert root certificates as malicious, potentially disrupting SSL/TLS validation and code-signing operations across enterprise environments worldwide. A Defender antimalware signature update released around April 30, 2026, introduced a detection labeled Trojan:Win32/Cerdigent.A!dha, which incorrectly identified registry entries belonging […]

The post Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware appeared first on Cyber Security News.