Aggregator

Name: WRECKCTF 2026 (an WRECKCTF event.)
Date: April 17, 2026, 4 a.m. — 18 April 2026, 04:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: http://wreckctf.com/
Rating weight: 0
Event organizers: Mad H@tters

Name: ZeroSecure CTF 2026 (an ZeroSecure CTF event.)
Date: April 17, 2026, 5:30 a.m. — 18 April 2026, 05:30 UTC  [add to calendar]
Format: Jeopardy
On-site
Offical URL: https://www.zerosecurectf.online/
Rating weight: 0.00
Event organizers: CLIENT - ZERO

Name: 47CON CTF 2026 (an 47CON CTF event.)
Date: April 17, 2026, 8 a.m. — 18 April 2026, 08:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Valladolid (Spain)
Offical URL: https://sugusuva.es/ctfd/
Rating weight: 0
Event organizers: SUGUS

A vulnerability identified as critical has been detected in FirebirdSQL Firebird up to 3.0.13/4.0.6/5.0.3. The impacted element is the function xdr_datum of the component Packet Handler. Performing a manipulation results in buffer overflow. This vulnerability is identified as CVE-2026-33337. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability described as problematic has been identified in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. This vulnerability is traded as CVE-2026-6491. An attack has to be approached locally. Furthermore, there is an exploit available. The vendor confirms that they will "be removing the deprecated area in libvips 8.19".

A vulnerability was found in FirebirdSQL Firebird up to 3.x and classified as problematic. This affects an unknown part. Executing a manipulation can lead to information disclosure. This vulnerability is handled as CVE-2025-65104. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in FirebirdSQL Firebird up to 3.0.13/4.0.6/5.0.3. This impacts the function xdr_status_vector. The manipulation results in improper handling of syntactically invalid structure. This vulnerability is reported as CVE-2026-34232. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability categorized as problematic has been discovered in FirebirdSQL Firebird up to 3.0.13/4.0.6/5.0.3. The affected element is the function op_crypt_key_callback. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2026-28224. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability labeled as problematic has been found in FirebirdSQL Firebird up to 3.0.13/4.0.6/5.0.3. This affects the function sdl_desc. Executing a manipulation can lead to divide by zero. This vulnerability is tracked as CVE-2026-35215. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability classified as problematic was found in LibRaw d20315b. This vulnerability affects the function x3f_load_huffman of the component File Handler. Such manipulation leads to integer overflow. This vulnerability is traded as CVE-2026-24660. The attack may be launched remotely. There is no exploit available. A patch should be applied to remediate this issue.

A vulnerability was found in FirebirdSQL Firebird up to 3.0.13/4.0.6/5.0.3. It has been rated as problematic. Impacted is the function ClumpletReader::getClumpletSize of the component Batch Handler. This manipulation causes integer overflow. The identification of this vulnerability is CVE-2026-28214. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in LibRaw d20315b. Affected by this vulnerability is the function x3f_thumb_loader of the component File Handler. The manipulation leads to integer overflow. This vulnerability is documented as CVE-2026-20889. The attack can be initiated remotely. There is not any exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability described as critical has been identified in LibRaw 0b56545/d20315b. Affected by this issue is the function lossless_jpeg_load_raw of the component File Handler. The manipulation results in improper validation of array index. This vulnerability is reported as CVE-2026-21413. The attack can be launched remotely. No exploit exists. Applying a patch is advised to resolve this issue.

A vulnerability classified as problematic has been found in LibRaw 8dc68e2. This affects the function uncompressed_fp_dng_load_raw of the component File Handler. This manipulation causes integer overflow. This vulnerability appears as CVE-2026-24450. The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.

A vulnerability identified as problematic has been detected in LibRaw. This impacts the function deflate_dng_load_raw of the component File Handler. Performing a manipulation results in integer overflow. This vulnerability is cataloged as CVE-2026-20884. It is possible to initiate the attack remotely. There is no exploit available. Applying a patch is the recommended action to fix this issue.

原域名已变更且将在2024年彻底废弃，请访问 https://govuln.com/news/ 查看新的RSS订阅

A vulnerability was found in Linux Kernel up to 6.6.93/6.12.33/6.15.2 and classified as critical. This vulnerability affects the function phy_detach. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-38149. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.2. It has been rated as problematic. The affected element is an unknown function of the file kernel/locking/mutex.c of the component af_packet. Performing a manipulation results in improper locking. This vulnerability is reported as CVE-2025-38150. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.