206206 matches found
CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader
The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the escapeNodeAttributeValues process. An attacker can execute arbitrary operating system commands by crafting a malicious .sy.zip file containing specially formatted block attribute values, which, when...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the escapeNodeAttributeValues process. An attacker can execute arbitrary operating system commands by crafting a malicious .sy.zip file containing specially formatted block attribute values, which, when...
PT-2026-29531
An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APPv4.3.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
PT-2026-29547
There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests...
PT-2026-29435
Name of the Vulnerable Software and Affected Versions The application affected versions not specified Description The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low-privileged users and is not...
JeecgBoot 安全漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from 3.0.0 to 3.5.3 have security vulnerabilities. These vulnerabilities stem from lax character filtering, which could allow attackers to execute arbitrary code o...
Foxit PDF Reader和Foxit PDF Editor 安全漏洞
Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the logic of list box calculati...
Cisco Integrated Management Controller(IMC) 缓冲区错误漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
JeecgBoot 安全漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from v3.0.0 to v3.5.3 have security vulnerabilities. These vulnerabilities stem from command injection in the component jmreport/show, which could allow attackers ...
CVE-2024-40489
CVE-2024-40489 concerns Jeecg Boot releases 3.0.0–3.5.3, where lax character filtering enables an injection vulnerability that could let an attacker execute arbitrary code via specially crafted HTTP requests. Affected software: Jeecg Boot (Java low-code platform) versions 3.0.0–3.5.3. Root cause:...
CVE-2024-43028
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
RHEL 9 : freerdp (RHSA-2026:6395)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6395 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the luaLloadfile plugin in configuration directories. An attacker can execute unauthorized code and access sensitive information by placing a specially crafted Lua bytecode file in a system or user...
ROS-20260401-73-0044
Vulnerability in salt related to incorrect code generation control. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
RHEL 9 : freerdp (RHSA-2026:6385)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6385 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...
Fuji Electric V-SFT 安全漏洞
Fuji Electric V-SFT is a screen configuration software developed by Fuji Electric, a Japanese company. Versions of Fuji Electric V-SFT 6.2.10.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a stack-based buffer overflow vulnerability in...
Ubuntu: Security Advisory (USN-8130-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 146.0.7680.177 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.177. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop31 advisory. - Use after free in Compositing in Google Chrome prior to 146.0.7680.178...
ALSA-2026:6340 Important: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP...