120967 matches found
Eval Injection
Overview n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Eval Injection during the Expression evaluation workflow. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not...
CVE-2026-24810
A flaw was found in rethinkdb. Commonly known as a classic buffer overflow, the vulnerability allows a remote, unauthenticated attacker to provide specially crafted input. Successful exploitation can lead to arbitrary code execution, granting the attacker full control over the affected system...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41726
CVE-2025-41726 affects Beckhoff components (Beckhoff: Arbitrary code execution within privileged processes). The connected records describe a low-privileged remote attacker who can issue specially crafted calls to the Device Manager web service or interact via an API, triggering integer overflows...
EUVD-2025-206407
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
Exploit for CVE-2025-56005
Ply 3.11 Exploit Rejection This project argues that CVE‑202...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the PNGImageEncoder process. An attacker can execute arbitrary code by supplying crafted input that is improperly handled during image encoding. Remediation A fix was pushed into the master branch but not ye...
CVE-2026-21408
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges...
CVE-2026-21408
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges...
CVE-2026-21408
The CVE-2026-21408 issue affects beat-access for Windows 3.0.3 and earlier, due to an insecure DLL search path (Uncontrolled search path element, CWE-427) that may cause loading of DLLs leading to arbitrary code execution with SYSTEM privileges. Documented impact is arbitrary code execution with ...
Realtek Andrea RT Filters code-related vulnerabilities
Realtek Andrea RT Filters is a high-level audio processing component developed by Realtek Semiconductor. Version 1.0.64.7 of Realtek Andrea RT Filters contains a code vulnerability caused by an unquoted service path, which may allow for the execution of arbitrary code...
xrdp security vulnerabilities
XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to v0.10.5 contained security vulnerabilities. These vulnerabilities stemmed from improper boundary checking when processing user domain information, which could lead to stack-based buffer...
Delta Electronics ASDA-Soft 安全漏洞
Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
📄 PLY 3.11 Arbitrary Code Execution
An undocumented and unsafe feature in the PyPI‑distributed version of PLY version 3.11 allows arbitrary code execution when the yacc function is invoked with the picklefile parameter. 🚨 Undocumented Remote Code Execution in PLY CVE‑2025‑56005 CVE ID: CVE‑2025‑56005 Reported by: Ahmed Abd Disclosu...
Segurazo S Antivirus IC code issue vulnerability
Segurazo SAntivirus IC is a antivirus software developed by the American company Segurazo. Version 10.0.21.61 of Segurazo SAntivirus IC has a code vulnerability that stems from a service path without quotes, which may allow for the execution of arbitrary code...
Motorola Device Manager code-related vulnerabilities
Motorola Device Manager is a computer-based device management tool developed by the American company Motorola. Version 2.4.5 of Motorola Device Manager contains a code vulnerability caused by an unquoted service path, which may allow for the execution of arbitrary code...
Motorola Device Manager code-related vulnerabilities
Motorola Device Manager is a computer-based device management tool developed by the American company Motorola. Version 2.5.4 of Motorola Device Manager contains a code vulnerability caused by an unquoted service path, which may allow for the execution of arbitrary code...
Quick-Media security vulnerabilities
Quick-Media is a multimedia service software developed by YiHui’s individual developers. Versions of Quick-Media prior to v1.0 contained security vulnerabilities. These vulnerabilities stemmed from a code injection vulnerability in the PNG encoding component, PNGImageEncoder.Java, which could all...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Git LFS vulnerabilities (USN-7977-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7977-1 advisory. Ryota K discovered that Git LFS may leak login credentials in certain instances due to failing to check for...