CVE-2019-25281

NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...

CVE-2019-25267

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

CVE-2019-25267

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

Mitsubishi Electric FREQSHIP-mini 安全漏洞

Mitsubishi Electric FREQSHIP-mini is an automatic power supply shutdown software developed by Mitsubishi Electric, a Japanese company. There are security vulnerabilities in the versions of Mitsubishi Electric FREQSHIP-mini from 8.0.0 to 8.0.2. These vulnerabilities stem from improper default...

Medium: runc

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

Medium: nerdctl

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from...

Delta Electronics ASDA-Soft Stack Buffer Overflow Vulnerability

Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Rubo DICOM Viewer 安全漏洞

Rubo DICOM Viewer is a medical imaging viewing software developed by the Polish company Rubo. Version 2.0 of Rubo DICOM Viewer has a security vulnerability, which stems from a buffer overflow in the DICOM server name input field. This vulnerability could allow attackers to execute arbitrary code...

4Mhz B64dec 安全漏洞

4Mhz B64dec is a Base64 decoder developed by the German company 4Mhz. There is a security vulnerability in the version 1.1.2 of 4Mhz B64dec, which stems from a buffer overflow issue and could lead to the execution of arbitrary code...

10-Strike Network Inventory Explorer 安全漏洞

10-Strike Network Inventory Explorer is a scanning software developed by 10-Strike Corporation. It is used to track hardware and software on network computers. Version 9.03 of 10-Strike Network Inventory Explorer contains a security vulnerability caused by a buffer overflow in the file import...

pinger 操作系统命令注入漏洞

Pinger is a web monitoring application developed by wcchandler. Version 1.0 of Pinger contains an operating system command injection vulnerability. This vulnerability stems from uncleaned inputs for the ping and socket parameters, which may allow attackers to inject shell commands and execute...

Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from...

ALSA-2026:2081 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Heap buffer overflow leading to denial of service and...

AlmaLinux 10 : python-wheel (ALSA-2026:1902)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1902 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

RHEL 8 : freerdp (RHSA-2026:2081)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2081 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

RHEL 9 : python3.12-wheel (RHSA-2026:1939)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1939 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 9 : freerdp (RHSA-2026:2048)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2048 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Heap buffer overflow leading to denial of service and...

Important: python3.12-wheel security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...