
120898 matches found

Cvelist
added 2026/01/09 12:0 a.m. | 20 views

CVE-2025-66715

A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file...

EPSS 0.00211
Exploits: 0 | References: 2

Zero Day Initiative
added 2026/01/09 12:0 a.m. | 5 views

(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of proper...

CVSS 7.2 | AI score 7.5 | EPSS 0.0148
Exploits: 0

CNNVD
added 2026/01/09 12:0 a.m. | 3 views

Ruckus vRIoT IoT Controller Trust Management Issue Vulnerability

Ruckus vRIoT IoT Controller is a virtual wireless IoT controller from Ruckus USA. A trust management issue vulnerability exists in Ruckus vRIoT IoT Controller versions prior to 3.0.0.0 that stems from hard-coded credentials and could lead to the execution of arbitrary code...

CVSS 10 | AI score 6.9 | EPSS 0.00701
Exploits: 0 | References: 2

CNNVD
added 2026/01/09 12:0 a.m. | 4 views

SAMSUNG Mobile devices Security Vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Jan-2026 Release 1, which stems from a use-after-free vulnerabili...

CVSS 7.8 | AI score 6.7 | EPSS 0.00127
Exploits: 0 | References: 1

CNNVD
added 2026/01/09 12:0 a.m. | 4 views

SAMSUNG Mobile devices Security Vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices, which stems from a use-after-free vulnerability that could lead to the execution of...

CVSS 6.7 | AI score 6.8 | EPSS 0.00159
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/09 12:0 a.m. | 6 views

PT-2026-1861

Name of the Vulnerable Software and Affected Versions: Axtion ODISSAAS ODIS version 1.8.4. Description: A DLL hijacking issue exists in Axtion ODISSAAS ODIS version 1.8.4. This allows attackers to execute arbitrary code by utilizing a specially crafted DLL file. The vulnerability involves the...

CVSS 6.5 | AI score 7.4 | EPSS 0.00211
Exploits: 0 | References: 6

Zero Day Initiative
added 2026/01/09 12:0 a.m. | 9 views

(0Day) Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the discordrpc module...

CVSS 7.3 | AI score 7.5 | EPSS 0.0036
Exploits: 1

Positive Technologies
added 2026/01/09 12:0 a.m. | 4 views

PT-2026-1955

Name of the Vulnerable Software and Affected Versions: EDIMAX BR-6208AC version V2 1.02. Description: The EDIMAX BR-6208AC version V2 1.02 is susceptible to Command Injection. The issue occurs because the pppUserName field is passed directly to a shell command using the system function without...

CVSS 9.8 | AI score 7.5 | EPSS 0.24101
Exploits: 1 | References: 5

Zero Day Initiative
added 2026/01/09 12:0 a.m. | 9 views

(0Day) MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability

This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 8.8 | AI score 7.3 | EPSS 0.01253
Exploits: 0

CNNVD
added 2026/01/09 12:0 a.m. | 4 views

Axtion ODISSAAS ODIS Security Vulnerability

Axtion ODISSAAS ODIS is a vehicle diagnostic software from the Dutch company Axtion. A security vulnerability exists in Axtion ODISSAAS ODIS version 1.8.4, which originates in a specially crafted DLL file and could lead to the execution of arbitrary code...

CVSS 6.5 | AI score 6.9 | EPSS 0.00211
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/09 12:0 a.m. | 6 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : GnuPG vulnerability (USN-7946-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7946-1 advisory. It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly u...

CVSS 7.8 | AI score 6.1 | EPSS 0.00129
Exploits: 1 | References: 2

Cvelist
added 2026/01/09 12:0 a.m. | 32 views

CVE-2025-70161

EDIMAX BR-6208AC V21.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing...

EPSS 0.24101
Exploits: 1 | References: 1

Positive Technologies
added 2026/01/09 12:0 a.m. | 4 views

PT-2026-1987

Name of the Vulnerable Software and Affected Versions: MCP Manager for Claude Desktop, affected versions not specified. Description: The software contains a security issue that allows for sandbox escape and arbitrary code execution within the context of the MCP Manager process. This is triggered by...

CVSS 8.8 | AI score 7.5 | EPSS 0.01253
Exploits: 0 | References: 5

Tenable Nessus
added 2026/01/09 12:0 a.m. | 3 views

Siemens Ruggedcom ROX Integer Overflow or Wraparound (CVE-2018-1000876)

binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in an integer overflow triggering a heap overflow. Successful exploitation allows execution of arbitrary code. This attack appears to be...

CVSS 7.8 | AI score 6.9 | EPSS 0.00656
Exploits: 1 | References: 3

Debian
added 2026/01/08 8:7 p.m. | 6 views

[SECURITY] [DLA 4374-2] pdfminer security update

Debian LTS Advisory DLA-4374-2 | https://www.debian.org/lts/security/ | Chris Lamb | January 08, 2026 | https://wiki.debian.org/LTS ...

CVSS 8.6 | AI score 7 | EPSS 0.00281
Exploits: 1

Ubuntu
added 2026/01/08 1:21 p.m. | 12 views

USN-7946-1: GnuPG vulnerability

It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code...

CVSS 7.8 | AI score 5.7 | EPSS 0.00129
Exploits: 1

OSV
added 2026/01/08 1:21 p.m. | 5 views

USN-7946-1 gnupg2 vulnerability

It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code...

CVSS 7.8 | AI score 7.3 | EPSS 0.00129
Exploits: 1 | References: 2

NVD
added 2026/01/08 1:15 p.m. | 4 views

CVE-2026-0719

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...

CVSS 8.6 | EPSS 0.00557
Exploits: 0 | References: 23

UbuntuCve
added 2026/01/08 1:15 p.m. | 3 views

CVE-2026-0719

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...

CVSS 8.6 | AI score 6.7 | EPSS 0.00557
Exploits: 0 | References: 2

CVE
added 2026/01/08 12:38 p.m. | 42 views

CVE-2026-0719

CVE-2026-0719 is a libsoup NTLM handling flaw that can overflow an internal size calculation when processing very long passwords, causing a stack memory overrun and potential crash/denial of service. The affected component is the libsoup HTTP client/server library used by GNOME and related applic...

CVSS 8.6 | AI score 6.7 | EPSS 0.00557
Exploits: 0 | References: 23