120783 matches found
CVE-2025-65715
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...
CVE-2025-65716
An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file...
Dassault Systèmes SOLIDWORKS eDrawings 安全漏洞
Dassault Systèmes SOLIDWORKS eDrawings is a collaboration tool provided by Dassault Systèmes, a French company, for viewing, sharing, and annotating 2D/3D design files. There are security vulnerabilities in the SOLIDWORKS eDrawings SOLIDWORKS Desktop 2025 version up to the SOLIDWORKS Desktop 2026...
CVE-2025-65715
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...
CVE-2025-65715
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace...
PT-2026-8346
Name of the Vulnerable Software and Affected Versions SOLIDWORKS eDrawings versions 2025 through 2026 Description An Out-Of-Bounds Read vulnerability exists in the EPRT file reading procedure. This could allow an attacker to execute arbitrary code by opening a specially crafted EPRT file...
RHEL 10 : gnupg2 (RHSA-2026:2753)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2753 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards...
CVE-2025-65716
CVE-2025-65716 affects Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18. The issue allows attackers to execute arbitrary JavaScript code by uploading a crafted Markdown (.md) file, enabling local port enumeration and data exfiltration to a control domain. The vulnerability is tied ...
ALSA-2026:2719 Important: gnupg2 security update
The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution CVE-2026-24882 For more details about the security...
ROS-20260216-73-0006
Vulnerability in wireshark related to writing outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20260216-73-0007
Vulnerability in wireshark related to writing outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
CVE-2019-25374 OPNsense 19.1 Reflected XSS via vpn_ipsec_settings.php
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthroughnetworks parameter in vpnipsecsettings.php. Attackers can craft POST requests with JavaScript payloads in the passthroughnetworks parameter to execu...
modelscan-bypass-poc
⚠️ ModelScan Bypass PoC — Security Research WARNING: This...
PT-2026-8247
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the mailserver parameter. Attackers can send POST requests to the monit interface with JavaScript payloads in the mailserver...
CVE-2026-1988
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
CVE-2025-70093
An issue in OpenSourcePOS v3.4.1 allows attackers to execute arbitrary code via returning a crafted AJAX response...
CVE-2026-25227
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...
CVE-2025-54519
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
CVE-2025-70093
An issue in OpenSourcePOS v3.4.1 allows attackers to execute arbitrary code via returning a crafted AJAX response...
CVE-2025-29950
Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...