CVE-2025-11739

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization...

CVE-2025-11739

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization...

CVE-2025-11739

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corrupti...

Security Bulletin: A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798]

Summary A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798 Vulnerability Details CVEID:CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java...

Security Bulletin: Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225]

Summary Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225 Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core up to and...

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

GHSA-9C4H-PWMF-M6FJ RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

APSB26-05 : Security update available for Adobe Commerce

Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important, and moderate vulnerabilities. Successful exploitation could lead to security feature bypass, application denial-of-service, privilege escalation, arbitrary code execution, an...

Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could resul...

D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability

D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause arbitrary code to be executed in the...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute under current...

Siemens COMOS has multiple vulnerabilities

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...

Adobe Premiere Pro < 25.6 Arbitrary code execution (APSB26-28)

The version of Adobe Premiere Pro installed on the remote Windows host is prior to 25.6. It is, therefore, affected by a vulnerability as referenced in the APSB26-28 advisory. - Out-of-bounds Read CWE-125 potentially leading to Arbitrary code execution CVE-2026-27269 Note that Nessus has not test...

KLA90934 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in WebML can be exploited to cause...

Adobe Illustrator 安全漏洞

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from a stack buffer overflow vulnerability vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to...

PT-2026-24501

Name of the Vulnerable Software and Affected Versions Illustrator versions 29.8.4 and earlier Illustrator version 30.1 and earlier Description Illustrator versions 29.8.4 and 30.1, and earlier are susceptible to a Stack-based Buffer Overflow. Successful exploitation of this issue could lead to...

PT-2026-24500

Name of the Vulnerable Software and Affected Versions Illustrator versions 29.8.4 and earlier Illustrator version 30.1 Description The software contains an out-of-bounds write issue that may allow for arbitrary code execution with the privileges of the current user. Successful exploitation requir...