APSB26-20 : Security update available for Adobe Substance 3D Stager

Adobe has released an update for Adobe Substance 3D Stager. This update addresses critical vulnerabilities in Adobe Substance 3D Stager that could lead to arbitrary code execution...

APSB26-06 : Security update available for Adobe Lightroom Classic

Adobe has released updates for Adobe Lightroom Classic. This update addresses a critical vulnerability that could lead to arbitrary code execution...

Adobe DNG SDK 输入验证错误漏洞

The Adobe DNG SDK is a software development kit provided by Adobe Inc. in the United States, which allows for the reading and writing of DNG files. Versions of the Adobe DNG SDK 1.7.1 2410 and earlier contained a vulnerability related to input validation errors. This vulnerability was caused by...

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. A buffer overflow vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an...

KLA90880 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...

AlmaLinux 9 : python3.12-wheel (ALSA-2026:1939)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1939 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

AMD Graphics Driver Vulnerabilities – February 2026

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description | CVSS Score ---|---|--- CVE-2024-36324| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.| 8.8 High...

AMD µProf Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-61969| Incorrect permission assignment in AMD µProf performance analysis tool-suite may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in...

APSB26-17 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to memory exposure, arbitrary code execution, and application denial-of-service...

Adobe Bridge 15.1.3 < 15.1.4 / 16.x < 16.0.2 Multiple Vulnerabilities (APSB26-21)

The version of Adobe Bridge installed on the remote Windows host is prior to 15.1.4 or 16.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-21 advisory. - Integer Overflow or Wraparound CWE-190 potentially leading to Arbitrary code execution CVE-2026-21347 -...

Siemens SINEC NMS 代码问题漏洞

Siemens SINEC NMS is a network management system developed by Siemens in Germany. This system can be used for round-the-clock centralized monitoring, management, and configuration of industrial networks containing tens of thousands of devices, including those related to security applications...

Adobe After Effects < 25.6.4 Multiple Vulnerabilities (APSB26-15)

The version of Adobe After Effects installed on the remote Windows host is prior to 25.6.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-15 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2026-21320, CVE-2026-21323,...

Adobe After Effects 缓冲区错误漏洞

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects 25.6 and...

Adobe After Effects < 25.6.4 Multiple Vulnerabilities (APSB26-15) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 25.6.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-15 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2026-21320, CVE-2026-21323,...

PT-2026-7380

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-25894

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is...

CVE-2026-25893

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrative access via the heartbeat refresh API and execute arbitrary code on the server. This issue has...

CVE-2026-25925

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25961 SumatraPDF Update MITM -> Arbitrary Code Execution

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification INTERNETFLAGIGNORECERTCNINVALID and executes installers without signature checks. A network attacker with any valid TLS certificate e.g., Let's Encrypt can...