120964 matches found
RHEL 10 / 9 : Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update (Important) (RHSA-2026:24762)
The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24762 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...
PT-2026-47958
Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description A heap-based buffer overflow allows an unauthorized attacker to execute arbitrary code locally and remotely, potentially affecting the entire system. A heap-based buffer overflow...
PT-2026-48247
Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the Multimedia Rendition component, which could lead to arbitrary code execution in the context of the current user. This occurs when a user...
PT-2026-48225
Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-48308
Name of the Vulnerable Software and Affected Versions Spring Security versions 5.7.0 through 5.7.23 Spring Security versions 5.8.0 through 5.8.25 Spring Security versions 6.3.0 through 6.3.16 Spring Security versions 6.4.0 through 6.4.16 Spring Security versions 6.5.0 through 6.5.10 Spring Securi...
PT-2026-48228
Name of the Vulnerable Software and Affected Versions Substance3D - Sampler versions 6.0.0 and earlier Description An out-of-bounds write issue exists, which occurs when a program writes data past the end of the intended buffer. This can lead to arbitrary code execution within the context of the...
PT-2026-48246
Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the font handling component, which could lead to arbitrary code execution in the context of the current user. This occurs when a victim open...
PT-2026-48276
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
APSB26-65 : Security update available for Adobe Format Plugins
Adobe has released an update for Adobe Format Plugins. This update addresses critical vulnerabilities that could lead to arbitrary code execution...
AlmaLinux 8 : libyang (ALSA-2026:24545)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:24545 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...
Oracle Linux 8 : libyang (ELSA-2026-24545)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-24545 advisory. 1.0.184-2 - DoS or arbitrary code execution via maliciously crafted LYB binary blob - Resolves: RHEL-177017 - CVE-2026-44673 Tenable has extracted the precedin...
Fedora 45 : vorbis-tools (2026-9c00940406)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9c00940406 advisory. Automatic update for vorbis-tools-1.4.3-5.fc45. Changelog Tue Jun 9 2026 Luk Zaoral - 1:1.4.3-5 - CVE-2026-34253 - fix arbitrary code execution via buffer...
ROS-20260609-73-0007
The vulnerability of the ngxhttprewritemodule module in NGINX Plus and NGINX Open Source web servers is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack by sending a specially crafte...
ROS-20260609-73-0008
The vulnerability of the SQL Expressions function on the Grafana monitoring and observation platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain unauthorized access to the platform by sending speciall...
APSB26-63 : Security update available for Adobe Acrobat Reader
Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, application denial-of-service, and memory exposure...
CVE-2026-11688
CVE-2026-11688 describes an inappropriate SVG implementation in Google Chrome prior to 149.0.7827.103 that enables a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Impact is high (C/H/I/A = 8.8 CVSS v3.1) per Chromium, with network access, no privileges, use...
CVE-2026-46285
A flaw was found in the Linux kernel's mtd: docg3 module. The docg3release function attempts to access memory that has already been deallocated, leading to a use-after-free vulnerability. This issue could allow a local attacker to cause a denial of service or potentially execute arbitrary code...
USN-8408-1 php-twig vulnerability
It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute arbitrary code...
libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob
A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...
Important: Red Hat Security Advisory: libyang security update
An update for libyang is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...