120455 matches found
RHEL 9 : ruby (RHSA-2026:18039)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18039 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...
ALSA-2026:18041 Critical: nginx:1.24 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...
ALSA-2026:18063 Critical: nginx security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...
ALSA-2026:18064 Moderate: libpng security update
The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 For more details about the security issues, including the...
Important: ruby security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the importBinaryModel function in the JAR Handler component. An attacker can execute arbitrary code or manipulate application behavior by providing specially crafted JAR with embedded into a model...
CVE-2018-25320
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...
CVE-2018-25328
VX Search 10.6.18 is affected by a local buffer overflow in the directory field. The vulnerability can be triggered by an oversized input file containing 271 bytes of junk data followed by a return address, allowing an attacker to overwrite the instruction pointer and execute arbitrary code with ...
CVE-2018-25323
CVE-2018-25323 affects Allok AVI DivX MPEG to DVD Converter version 2.6.1217. A vulnerability in the License Name field allows a locally authenticated attacker to trigger a structured exception handler (SEH) buffer overflow by pasting a specially crafted payload, leading to arbitrary code executi...
EUVD-2018-21843
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...
CVE-2018-25320 ACL Analytics 11.x - 13.0.0.579 Arbitrary Code Execution
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...
CVE-2018-25320
CVE-2018-25320 affects ACL Analytics 11.x through 13.0.0.579. The vulnerability is an arbitrary code execution via the EXECUTE function, enabling an attacker to run commands with SYSTEM privileges. Reported chain includes using bitsadmin to download malicious PowerShell scripts and execute them t...
EUVD-2018-21841
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...
CVE-2018-25320 ACL Analytics 11.x - 13.0.0.579 Arbitrary Code Execution
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...
CVE-2018-25320
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...
Alloksoft Fast AVI MPEG Splitter 安全漏洞
Alloksoft Fast AVI MPEG Splitter is a multimedia processing tool developed by Alloksoft Corporation, capable of quickly splitting and trimming video files in formats such as AVI and MPEG. Version 1.2 of Alloksoft Fast AVI MPEG Splitter contains a security vulnerability. This vulnerability stems...
PT-2026-41546
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...
PT-2026-41554
VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...
Linux Distros Unpatched Vulnerability : CVE-2026-31236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command- line argument. This argument is intended to allow use...
CVE-2026-0432
Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...