Joomla! Portfolio Nexus - Remote File Inclusion

Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF comifnexus component that allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2009-4679 info: name: Joomla! Portfol...

Apache Unomi - Remote Code Execution

Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process, enabling attackers to execute arbitrary code. id: CVE-2020-11975 info: name: Apache Unomi -...

Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation

A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...

vBulletin replaceAdTemplate - Remote Code Execution

vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution RCE vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP's Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted...

GRAND FlAGallery 1.57 - Cross-Site Scripting

A cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter. id: CVE-2011-4624 info: name: GRAND FlAGallery 1.57 - Cross-Site Scripting...

Fortinet FortiSandbox - Command Injection

Fortinet FortiSandbox 4.4.0 through 4.4.8 contains a command injection caused by improper neutralization of special elements in OS commands, letting attackers execute unauthorized code or commands, exploit requires crafted input. id: CVE-2026-39808 info: name: Fortinet FortiSandbox - Command...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

FUEL CMS 1.4.1 - Remote Code Execution

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. id: CVE-2018-16763 info: name: FUEL CMS 1.4.1 - Remote Code Execution author: pikpikcu severity: critical description: FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/...

CVE-2025-71348 picklescan - Arbitrary Code Execution via torch.utils._config_module.load_config Bypass

picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils.configmodule.loadconfig function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply...

CVE-2025-71348

CVE-2025-71348 affects the picklescan utility (pre-0.0.28) where malicious pickle payloads can invoke torch.utils._config_module.load_config during unpickling, bypassing detection and enabling remote code execution in supply-chain contexts. Documents describe a bypass in reduce methods that allow...

kernel: rxrpc: Fix RxGK token loading to check bounds

A flaw was found in the Linux kernel's rxrpc subsystem. An unprivileged local user could exploit an integer overflow vulnerability in the rxrpcpreparsexdryfsrxgk function. This flaw occurs when processing specially crafted key and ticket lengths, causing an incorrect memory allocation size...

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

CVE-2016-20090

Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevat...

EUVD-2016-10906

Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that...

EUVD-2016-10902

Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be...

Astra Linux – Vulnerability in exempi

The XMP Toolkit version 2020.1 and earlier versions is affected by a memory corruption vulnerability, which may lead to the execution of arbitrary code within the context of the current user. User interaction is required to exploit this vulnerability...

Astra Linux – Vulnerability in Firefox

When Web Render components were destroyed, a race condition could lead to undefined behavior. We assume that with sufficient effort, this vulnerability could be exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 88.0.1, as well as Firefox for Android...

Astra Linux – Vulnerability in Firefox

Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs in Firefox 95. Some of these bugs exhibited signs of memory corruption, and we believe that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects...