485824 matches found
DHCP Client Service Remote Code Execution Vulnerability
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network...
Windows UPnP Device Host Remote Code Execution Vulnerability
Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...
HTTP.sys Remote Code Execution Vulnerability
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network...
Description of the security update for Office Online Server: June 9, 2026 (KB5002875)
Description of the security update for Office Online Server: June 9, 2026 KB5002875 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following securi...
Description of the security update for Office 2016: June 9, 2026 (KB5002852)
Description of the security update for Office 2016: June 9, 2026 KB5002852 Summary This security update resolves a Microsoft Office Remote Code Executionvulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2026-45645. Note: To apply this...
Description of the security update for Word 2016: June 9, 2026 (KB5002879)
Description of the security update for Word 2016: June 9, 2026 KB5002879 Summary This security update resolves a Microsoft Outlook and Word Remote Code Execution vulnerability and Microsoft Word Remote Code Execution vulnerability. To learn more about the vulnerabilities, see the following securi...
Description of the security update for Office 2016: June 9, 2026 (KB5002878)
Description of the security update for Office 2016: June 9, 2026 KB5002878 Summary This security update resolves a Microsoft Office remote code execution vulnerability, Microsoft Office Information Disclosure Vulnerability. To learn more about the vulnerability, see the following security...
Description of the security update for Excel 2016: June 9, 2026 (KB5002877)
Description of the security update for Excel 2016: June 9, 2026 KB5002877 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following security...
Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 (KB5002873)
Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 KB5002873 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
MCPJam Inspector Authorized Security Validator A bounded proo...
CVE-2026-9279 Shell command injection in Logseq
Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to childprocess.spawn with the shell: true option, allowing shell...
CVE-2026-9279
Logseq contains an IPC handler that lets the renderer execute shell commands. Although an allowlist restricts the command name (e.g., git, pandoc, grep), the argument string is concatenated with the command and passed to child_process.spawn with shell: true, allowing shell metacharacters to bypas...
EUVD-2026-35435
Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to childprocess.spawn with the shell: true option, allowing shell...
CVE-2026-9279 Shell command injection in Logseq
Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to childprocess.spawn with the shell: true option, allowing shell...
CVE-2017-20251
WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
axios: Axios: Remote Code Execution via Prototype Pollution escalation
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote...
lodash: lodash: Arbitrary code execution via untrusted input in template imports
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...
Exploit for CVE-2026-42945
CVE-2026-42945 - ngxhttprewritemodule module. This vulnerab...
CVE-2026-49740
TYPO3's cache frontend VariableFrontend and persistent key-value store Registry deserialized PHP payloads without integrity validation or class restrictions. An attacker with write access to the underlying storage backend cache store or sysregistry database table could inject a crafted serialized...