120957 matches found
CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...
CVE-2025-64462 Out-of-Bounds Read in LVResFile::RGetMemFileHandle() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...
CVE-2025-64462 Out-of-Bounds Read in LVResFile::RGetMemFileHandle() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMemFileHandle when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...
CVE-2025-14861
Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 146.0.1...
CVE-2025-14861 Memory safety bugs fixed in Firefox 146.0.1
Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 146.0.1...
CVE-2025-14861
Firefox versions prior to 146.0.1 are affected by memory safety bugs (CVE-2025-14861) that can lead to memory corruption and, with enough effort, arbitrary code execution. The issue is fixed in Firefox 146.0.1; affected products include Firefox
[SECURITY] [DLA 4414-1] webkit2gtk security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4414-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 18, 2025 https://wiki.debian.org/LTS -...
CVE-2025-13641 Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 3.59.12 - Authenticated (Contributor+) Local File Inclusion via 'template'
The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode parameter. This is due to insufficient path validation that allows absolute paths to be provided...
[SECURITY] [DSA 6083-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6083-1 [email protected] https://www.debian.org/security/ Alberto Garcia December 18, 2025 https://www.debian.org/security/faq -...
Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem
Summary Multiple vulnerabilities were addressed in IBM watsonx Code Assistant On Prem V5.3.0 Vulnerability Details CVEID:CVE-2025-12735 DESCRIPTION: The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined...
CVE-2025-60068 WordPress Javo Core plugin <= 3.0.0.266 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through = 3.0.0.266...
CVE-2025-60070 WordPress Molla - Multipurpose Responsive Shopify theme <= 1.5.13 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through = 1.5.13...
CVE-2025-60068 WordPress Javo Core plugin <= 3.0.0.266 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through = 3.0.0.266...
CVE-2025-60070 WordPress Molla - Multipurpose Responsive Shopify theme <= 1.5.13 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through = 1.5.13...
CVE-2025-60070
CVE-2025-60070 concerns The4 Molla (WordPress theme/plugin Molla) with versions up to and including 1.5.13, where improper control of code generation enables code injection (arbitrary code execution). References consistently describe this as a vulnerability affecting Molla versions ≤ 1.5.13. The ...
CVE-2025-53524
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2025-67170
A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
MailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14402)
MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...
MailEnableMailEnableMailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14405)
MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from a MailEnable Insecure DLL Load vulnerability that can be exploited by an attacker to cause local arbitrary code execution...
TeamViewer DEX Client Elevation of Privilege Vulnerability
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. An elevation of privilege vulnerability exists in TeamViewer DEX Client, which can be exploited by an attacker to cause elevation of privilege and execute arbitrary code...