CVE-2026-34675

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34675

Substance3D Painter prior to version 12.0.3 is affected by an out-of-bounds write vulnerability (CWE-787) that can enable arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. Affected product: Substance3D Paint...

CVE-2026-34675 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe Substance3D Painter 缓冲区错误漏洞

Adobe Substance3D Painter is a 3D scene building software developed by Adobe, a company based in America. Versions of Adobe Substance3D Painter 12.0.2 and earlier contain a buffer overflow vulnerability, which stems from out-of-bound writes, potentially allowing arbitrary code to execute in the...

CVE-2026-0712

...

Security Bulletin: IBM Event Streams is vulnerable to Uncontrolled Recursion vulnerability (CVE-2025-48924)

Summary IBM Event Streams is vulnerable to Uncontrolled Recursion vulnerability due to the use of the Apache Commons Lang artifact. This artifact primarily used for utility functions such as string manipulation, object comparison, and handling common operations that simplify Java development...

Security Bulletin: IBM Event Streams is vulnerable to Weak Encryption (CVE-2025-45767)

Summary IBM Event Streams is vulnerable to weak encryption due to the JOSE library. JOSE is used for JSON Object Signing and Encryption in token-based authentication. Vulnerability Details CVEID:CVE-2025-45767 DESCRIPTION: jose v6.0.10 was discovered to contain weak encryption. NOTE: this is...

Grafana 11.5.x < 11.5.6 Multiples Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is prior to 11.3.8, or 11.4.x prior to 11.4.6, or 11.5.x prior to 11.5.6, or 11.6.x prior to 11.6.3, or 12.0.x prior to 12.0.2, or 12.1.x prior to 12.1.2. It is, therefore, affected by multiples vulnerabilities....

EUVD-2024-45973

Malicious code in bioql PyPI...

Fedora 43 : forgejo (2025-5fc3f360cf)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-5fc3f360cf advisory. This is an upstream security and bugfix release. Please refer to the upstream release notes for versions 12.0.2 and 12.0.3 for details about changes. Tenable...

Linux Distros Unpatched Vulnerability : CVE-2025-6023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana...

SUSE CVE-2025-6023

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...

CVE-2019-13001

An issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comments to a private snippet. It allows authentication bypass...

Projeqtor 代码问题漏洞

Projeqtor is an open source PHP-based project management software from the Projeqtor community. The software is used to organize various functions required for multiple projects and is suitable for IT projects. A code issue vulnerability exists in Projeqtor 12.0.2 and earlier versions, which stem...

CVE-2024-55554

Intrexx Portal Server before 12.0.2 allows XSS via a user-defined portlet...

CVE-2024-52926

The CVE-2024-52926 entry concerns Delinea Privilege Manager prior to 12.0.2, where the Windows agent security is mishandled. Affected product: Delinea Privilege Manager (Windows agent). Root cause: mishandling of security by the Windows agent (no specific internal component provided). Impact: CVS...

Delinea Privilege Manager 安全漏洞

Delinea Privilege Manager is a cloud-based software from Delinea. A security vulnerability exists in Delinea Privilege Manager versions prior to 12.0.2 that stems from incorrectly handling the security of the Windows agent...

CVE-2024-52926

Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent...

CVE-2024-52926

Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent...