Microsoft Teams 注入漏洞

Microsoft Teams is a software product developed by the American company Microsoft, used for online meetings, chatting, and cloud storage functions. There is a vulnerability in Microsoft Teams. Attackers can exploit this vulnerability to obtain sensitive information...

PT-2026-48042

Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A heap-based buffer overflow allows an unauthorized attacker to execute arbitrary code over a network, which can affect the system. A heap-based buffer overflow occurs when an...

PT-2026-47632

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

PT-2026-47640

Name of the Vulnerable Software and Affected Versions tmux versions prior to 3.7-rc Description A use after free issue exists in the image free function within the image.c file. This flaw requires local access to exploit and is characterized by high complexity and difficult exploitability...

Microsoft Azure 输入验证错误漏洞

Microsoft Azure is an open enterprise-level cloud computing platform provided by Microsoft Corporation in the United States. The Microsoft Azure Attestation service and Device Health Attestation Service have vulnerabilities related to input validation. Attackers can exploit these vulnerabilities ...

Microsoft Live Share Canvas SDK 跨站脚本漏洞

The Microsoft Live Share Canvas SDK is an optional extension from the American company Microsoft. It is designed specifically to help developers easily add real-time, multi-person collaborative digital whiteboards or drawing boards into Microsoft Teams meeting applications. The Microsoft Live Sha...

Microsoft Windows 代码问题漏洞

Microsoft Windows is an operating system used on personal devices by the American company Microsoft. There are code-related vulnerabilities in Microsoft Windows Narrator Braille. Attackers can exploit these vulnerabilities to gain higher privileges...

Microsoft Defender for Endpoint 安全漏洞

Microsoft Defender for Endpoint is an enterprise endpoint security platform provided by Microsoft Corporation in the United States. It helps protect against advanced persistent threats. There are security vulnerabilities in Microsoft Defender for Endpoint. Attackers can exploit these...

Microsoft PC Manager 访问控制错误漏洞

Microsoft PC Manager is a computer management software developed by Microsoft Corporation. It offers features such as one-click acceleration, system space management, pop-up management, and comprehensive health checks. However, Microsoft PC Manager has an access control vulnerability. Attackers c...

Linux Distros Unpatched Vulnerability : CVE-2026-11650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap...

CVE-2026-11698

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11688

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11666

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

CVE-2026-11664

Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11648

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...