| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. |
| Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments.
To mitigate this issue, users should upgrade to version 1.6.1. |
| Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing. |
| Improper access control in the social login connection endpoint in
Devolutions Server 2026.2.5 allows an authenticated vault member to
enumerate social login entry metadata to which they are not authorized
via a crafted API request. |
| In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. |
| In PostWipeData of recovery_ui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In __mfc_core_nal_q_get_dec_metadata_sei_nal of mfc_core_nal_q.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. |
| Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed() and checkPropertyAllowed() implementations in the custom Twig SecurityPolicy. Attackers can supply malicious Twig templates through the DataObject ClassDefinition Layout\Text component to perform arbitrary file reads, execute arbitrary database queries, and potentially achieve remote code execution via PHP object gadget chains, with the pimcore_* function wildcard further broadening the bypass to all Pimcore Twig functions. |
| Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions. |
| Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions. |
| Use of an incorrectly resolved name or reference in the pinget backend
in Devolutions UniGetUI 2026.2.0 and earlier allows a WinGet community
catalog contributor to cause an installed application to be correlated
to an unrelated, attacker-controlled catalog package and to execute an
attacker-controlled installer via a crafted catalog package whose
normalized name is contained as a substring within the installed
application name when a user applies the proposed update. |
| Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstream proxy credentials. |
| Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious dll., leading to arbitrary code execution. |
