Common Vulnerabilities and Exposures (CVE)

CVE-2025-7003

Jun 15, 2026 17:14:27 UTC

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows...

CVE-2026-53868

Jun 15, 2026 17:14:00 UTC

Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without verification, then initiate deletion to lock emails in pending deletion state. Attackers can pe...

CVE-2025-7002

Jun 15, 2026 17:13:17 UTC

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows...

CVE-2025-7004

Jun 15, 2026 17:12:57 UTC

Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, ...

CVE-2025-7005

Jun 15, 2026 17:12:33 UTC

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Ava...

CVE-2025-7006

Jun 15, 2026 17:12:17 UTC

Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One,...

CVE-2026-54421

Jun 15, 2026 17:11:57 UTC

In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information (such as iSCSI credentials). The PATCH outcome is a security issu...

CVE-2025-7008

Jun 15, 2026 17:11:56 UTC

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antiviru...

CVE-2025-7009

Jun 15, 2026 17:11:31 UTC

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, N...

CVE-2025-7010

Jun 15, 2026 17:11:01 UTC

Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Ava...

CVE-2026-54410

Jun 15, 2026 17:05:25 UTC

nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte rec...

CVE-2026-54228

Jun 15, 2026 17:03:30 UTC

A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text fi...

CVE-2026-9134

Jun 15, 2026 17:02:45 UTC

The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_attribute_key' shortcode parameter in versions up to, and including, 3.1.31 This is due to an incomplete JavaScript event handler blacklist in ...

CVE-2026-12174

Jun 15, 2026 17:02:00 UTC

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format strin...

CVE-2026-54412

Jun 15, 2026 17:01:16 UTC

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqtt_unpack_publish_response() function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - o...