CIPPlanner CIPAce 安全漏洞

CIPPlanner CIPAce is a business process automation and application development platform provided by the American company CIPPlanner. Versions of CIPPlanner CIPAce prior to version 9.17 contained security vulnerabilities. These vulnerabilities stemmed from the rich text editor and document...

TorrentRockYou Torrent FLV Converter 安全漏洞

TorrentRockYou Torrent FLV Converter is a video format conversion tool developed by TorrentRockYou Inc. Version 1.51 Build 117 of TorrentRockYou Torrent FLV Converter has a security vulnerability. This vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrar...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

TorrentRockYou Torrent 3GP Converter 安全漏洞

TorrentRockYou Torrent 3GP Converter is a video format conversion tool developed by TorrentRockYou Corporation. Version 1.51 of TorrentRockYou Torrent 3GP Converter has a security vulnerability; this vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrary...

AMD μProf 安全漏洞

AMD μProf is a software analysis tool developed by the American semiconductor company AMD. AMD μProf has a security vulnerability, which stems from improper permission allocation. This vulnerability may lead to privilege escalation and arbitrary code execution...

RockyLinux 10 : freerdp (RLSA-2026:2222)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2222 advisory. freerdp: FreeRDP: Heap buffer overflow leading to denial of service and potential code execution from a malicious server. CVE-2026-23530 freerdp: FreeRD...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A code execution vulnerability exists in several Apple products, which can be exploited by an attacker to execute arbitrary code...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

PT-2026-7596

Name of the Vulnerable Software and Affected Versions AMD µProf affected versions not specified Description A flaw in permission assignment within AMD µProf could allow a local, privileged attacker to escalate their privileges, potentially leading to arbitrary code execution. Recommendations At t...

PT-2026-7592

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2026-21349

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21349

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-29950

Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution via the Mongoid::Criteria.fromhash function. An attacker can execute arbitrary Ruby code by supplying a specially crafted Hash value. Remediation Upgrade mongoid to version 7.6.1, 8.0.12, 8.1.12, 9.0.10 or highe...

CVE-2025-29951

CVE-2025-29951 affects the AMD Secure Processor (ASP) bootloader. A buffer overflow could allow an attacker to overwrite memory, enabling privilege escalation and arbitrary code execution. Documents consistently describe the vulnerability across multiple feeds (NVD/Red Hat/CVE List/Amd bulletin) ...

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

CVE-2025-48515

CVE-2025-48515 concerns the AMD Secure Processor (ASP) Boot Loader. The provided documents describe insufficient parameter sanitization that could allow an attacker with access to a SPI ROM upgrade to overwrite memory, potentially enabling arbitrary code execution. The PT-2026-7464 entry reiterat...