PT-2026-20650

Name of the Vulnerable Software and Affected Versions zhutoutoutousan worldquant-miner versions through 1.0.9 Description A server-side request forgery issue exists in zhutoutoutousan worldquant-miner. The issue is related to the manipulation of the make request argument within an unknown functio...

Important: kernel

Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...

PT-2026-20646

A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...

OpenClaw 访问控制错误漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an access control error vulnerability. The vulnerability stems from a mismatch between rawCommand and command in the node host system.run handler, which can be exploited by an attacker to cause the...

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3165 (ALAS-2026-3165)

The version of kernel installed on the remote host is prior to 4.14.350-266.564. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3165 advisory. A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function...

FLIR Systems AX8 Cameras Command Injection (CVE-2022-4364)

A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. The attack is possible to be carried out...

Linux Distros Unpatched Vulnerability : CVE-2026-2704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file...

CVE-2026-2669

A vulnerability was determined in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This impacts an unknown function of the file /dm/dispatch/user/delete of the component User Handler. This manipulation of the argument ID causes improper access controls. Remote...

CVE-2026-27174

MajorDoMo aka Major Domestic Module allows unauthenticated remote code execution via the admin panel's PHP console feature. An include order bug in modules/panel.class.php causes execution to continue past a redirect call that lacks an exit statement, allowing unauthenticated requests to reach th...

CVE-2019-25365

ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to overwrite memory...

CVE-2019-25357

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler SEH. Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute...

CVE-2019-25365 ChaosPro 2.0 - Buffer Overflow

ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to overwrite memory...

CVE-2019-25365 ChaosPro 2.0 - Buffer Overflow

ChaosPro 2.0 contains a buffer overflow vulnerability in the configuration file path handling that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious configuration file with carefully constructed payload to overwrite memory...

CVE-2019-25360

CVE-2019-25360 affects AIDA64 Engineer 6.10.5200, where a buffer overflow in the CSV logging configuration enables remote code execution by processing a specially crafted log file with an SEH overwrite. This can lead to arbitrary code execution with high impact to confidentiality, integrity, and ...

CVE-2019-25360 Aida64 6.10.5200 - Buffer Overflow

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file with carefully constructed SEH...

CVE-2019-25360 Aida64 6.10.5200 - Buffer Overflow

Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file with carefully constructed SEH...

CVE-2019-25357 Control Center PRO 6.2.9 - Local Stack Based BufferOverflow

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler SEH. Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute...

CVE-2019-25357 Control Center PRO 6.2.9 - Local Stack Based BufferOverflow

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler SEH. Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute...

CVE-2019-25357

CVE-2019-25357 affects Control Center PRO 6.2.9. A stack-based buffer overflow in the user creation module’s username field allows overwriting the Structured Exception Handler (SEH). An attacker can craft a payload exceeding 664 bytes to inject shellcode and potentially execute arbitrary code on ...

GHSA-R9WP-QQ53-QVJX mingSoft MCMS does not properly restrict file uploads

A flaw has been found in mingSoft MCMS 6.1.1. The affected element is an unknown function of the file /ms/file/uploadTemplate.do of the component Template Archive Handler. Executing a manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The explo...