Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32)

The version of Adobe InDesign installed on the remote Windows host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

ROS-20260414-73-0019

Vulnerability in kernel-lt related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

APSB26-37 : Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and privilege escalation...

APSB26-32 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution, application denial-of-service, and memory exposure...

APSB26-33 : Security update available for Adobe InCopy

Adobe has released a security update for Adobe InCopy. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

APSB26-39 : Security update available for Adobe Bridge

Adobe has released a security update for Adobe Bridge. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution and application denial-of-service...

APSB26-44 : Security update available for Adobe Acrobat Reader

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and arbitrary file system read...

APSB26-42 : Security update available for Adobe Illustrator

Adobe has released an update for Adobe Illustrator. This update resolves a critical vulnerability that could lead to arbitrary code execution...

Incorrect use of LocateProtocol Service of the EFI_BOOT_Services table in SMI Handler

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54502| Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation...

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller SAC and recommends...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Redis, Lua vulnerabilities (USN-8169-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8169-1 advisory. It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker...

CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

UBUNTU-CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the pickle process. An attacker can execute arbitrary code by sending a specially crafted pickled string message. Remediation There is no fixed version for Pyro. References - GitHub Advisory - Vulnerable Cod...

CVE-2026-1462

A flaw was found in the keras package. This vulnerability allows an attacker to execute unauthorized code on a victim's system. It occurs when a victim loads a specially crafted .keras model, even if the safemode security feature is active. The issue arises because the keras package can...

Exploit for CVE-2026-34621

CVE-2026-34621 — Windows PoC Prototype Pollution in Adobe A...

CVE-2026-40156

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.specfromfilelocation and immediately executes module-level code v...

CVE-2026-34621

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...

CVE-2026-40044

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...