Aggregator

A vulnerability categorized as problematic has been discovered in py-pdf pypdf up to 6.10.1. This issue affects some unknown processing. Such manipulation of the argument predictor leads to uncontrolled memory allocation. This vulnerability is documented as CVE-2026-41312. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability labeled as problematic has been found in py-pdf pypdf up to 6.10.1. The affected element is an unknown function. Executing a manipulation of the argument size can lead to uncontrolled memory allocation. This vulnerability appears as CVE-2026-41314. The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in py-pdf pypdf up to 6.10.0. The impacted element is an unknown function of the component Object Stream Handler. The manipulation of the argument Size leads to excessive iteration. This vulnerability is traded as CVE-2026-41168. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in nltk up to 3.9.2 and classified as critical. Affected by this issue is the function filestring of the component nltk.util. The manipulation results in absolute path traversal. This vulnerability was named CVE-2026-0846. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in ImageMagick up to 6.9.13-45/7.1.2-20. It has been declared as critical. Impacted is an unknown function of the component MIFF File Handler. Such manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2026-42050. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in HAARG HTTP::Tiny up to 0.092 on Perl. The affected element is an unknown function of the component HTTP Request Handler. Performing a manipulation of the argument Host results in http response splitting. This vulnerability is reported as CVE-2026-7010. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in NVIDIA GeForce, RTX, Quadro, NVS, Tesla and Virtual GPU Manager on Linux. It has been rated as critical. The impacted element is an unknown function of the component Display Driver. Performing a manipulation results in incorrect conversion between numeric types. This vulnerability is reported as CVE-2026-24192. The attack requires a local approach. No exploit exists.

A vulnerability categorized as critical has been discovered in NVIDIA GeForce, RTX, Quadro, NVS and Tesla on Windows/Linux. This affects an unknown function of the component Display Driver. Executing a manipulation can lead to out-of-bounds write. This vulnerability appears as CVE-2026-24193. The attack requires local access. There is no available exploit.

A vulnerability classified as critical has been found in NVIDIA GeForce, RTX, Quadro, NVS, Tesla, Guest driver and Virtual GPU Manager on Windows. This affects an unknown part of the component Display Driver. Performing a manipulation results in time-of-check time-of-use. This vulnerability was named CVE-2026-24191. The attack needs to be approached locally. There is no available exploit.

A vulnerability was found in NVIDIA GeForce, RTX, Quadro, NVS, Tesla, Guest driver and Virtual GPU Manager on Windows/Linux. It has been classified as critical. This affects an unknown function of the component Display Driver. Performing a manipulation results in improper locking. This vulnerability is cataloged as CVE-2026-24182. The attack must be initiated from a local position. There is no exploit available.

A vulnerability categorized as critical has been discovered in NVIDIA GeForce, RTX, Quadro, NVS and Tesla on Windows/Linux. Impacted is an unknown function of the component Kernel Mode. Such manipulation leads to missing authorization. This vulnerability is traded as CVE-2026-24190. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in NVIDIA GeForce, RTX, Quadro, NVS, Tesla, Guest driver and Virtual GPU Manager on Linux. It has been declared as critical. The affected element is an unknown function. Such manipulation leads to use after free. This vulnerability is documented as CVE-2026-24187. The attack needs to be performed locally. There is not any exploit available.

A vulnerability marked as very critical has been reported in Eppendorf BioFlo 320. This vulnerability affects unknown code. Performing a manipulation results in use of hard-coded password. This vulnerability is known as CVE-2026-7251. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as critical has been found in Autodesk 3ds Max up to 2026.0/2027.0. This affects an unknown function of the component WRL File Handler. This manipulation causes uncontrolled recursion. This vulnerability is handled as CVE-2026-7453. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in IBM webMethods Integration Server. The affected element is an unknown function. Such manipulation leads to server-side request forgery. This vulnerability is referenced as CVE-2025-14290. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability marked as critical has been reported in NVIDIA Merlin Transformers4Rec on Linux. The impacted element is an unknown function. Performing a manipulation results in deserialization. This vulnerability is identified as CVE-2026-24162. The attack is only possible with local access. There is not any exploit available.

A vulnerability marked as problematic has been reported in FastNetMon Community Edition up to 1.2.9. Affected by this vulnerability is the function append_dynamic_buffer/append_data_as_pointer/append_data_as_object_ptr/memcpy_from_ptr/memcpy_from_object_ptr of the file src/dynamic_binary_buffer.hpp. This manipulation causes off-by-one. This vulnerability is handled as CVE-2026-48689. The attack can only be done within the local network. There is not any exploit available.

A vulnerability described as critical has been identified in Autodesk 3ds Max up to 2026.0/2027.0. This issue affects some unknown processing of the component PAR File Handler. Executing a manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2026-7450. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in xwiki xwiki-platform up to 16.10.16/17.4.8/17.10.2/18.0.x. It has been classified as critical. The impacted element is an unknown function of the file /wikis/ of the component API. The manipulation leads to missing authorization. This vulnerability is listed as CVE-2026-33137. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.