Pachno 代码问题漏洞

Pachno is an open-source collaboration platform developed by Pachno. Version 1.0.6 of Pachno contains code vulnerabilities; these vulnerabilities stem from unsafe deserialization, which could allow unverified attackers to execute arbitrary code...

Dynabook Bluetooth ACPI 安全漏洞

Dynabook Bluetooth ACPI is a system interface component developed by Dynabook Japan, used for managing the power supply of Bluetooth hardware and device status. Dynabook Bluetooth ACPI contains a security vulnerability caused by a stack buffer overflow, which may lead to the execution of arbitrar...

Keras 代码问题漏洞

Keras is an open-source deep learning framework with multiple backends. Version 3.13.0 of Keras contains a code vulnerability that stems from the TFSLayer class’s unconditional loading of external SavedModels, which may lead to arbitrary code execution...

Pyro3 安全漏洞

Pyro3 is a Python remote object invocation library developed by Irmen de Jong. Version 3.x of Pyro3 contains a security vulnerability, which stems from issues with the pickle protocol. This vulnerability could allow arbitrary code to be executed through specially crafted pickle string messages...

CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2026-1547)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1547 advisory. A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. Thi...

CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

PT-2026-32371

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.0 Description Dag Authors can craft a malicious XCom payload that allows them to execute arbitrary code within the webserver context, bypassing the standard restriction that prevents them from executing cod...

VulnCheck KEV: CVE-2020-9715

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...

PT-2026-32498

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

PT-2026-32446

Name of the Vulnerable Software and Affected Versions Decidim versions prior to 0.30.5 Decidim versions 0.31.0.rc1 through 0.31.0 Description A stored code execution issue in the user name field allows a low-privileged attacker to execute arbitrary code in the context of any user who passively...

MiracleLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (AXSA:2026-421:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-421:01 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffe...

Amazon Linux 2023 : plexus-utils, plexus-utils-javadoc (ALAS2023-2026-1545)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1545 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...

RHEL 10 : openexr (RHSA-2026:7678)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7678 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...

Adobe Acrobat and Reader Prototype Pollution Vulnerability

Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution...

ERB has an @_init deserialization guard bypass via def_module / def_method / def_class

ERB implements an @init guard to prevent code execution when ERB objects are reconstructed via Marshal.load on untrusted data. However, ERBdefmethod, ERBdefmodule, and ERBdefclass evaluate the template source without checking this guard, allowing an attacker who controls the data passed to...

EUVD-2019-20133

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

EUVD-2018-21770

RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...

CVE-2019-25695

R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...

CVE-2019-25701

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...