25105 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-1299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The email module, specifically the BytesGenerator class, didn't properly quote newlines for email headers when serializing an email message, allowing for header...
PT-2026-4525
Name of the Vulnerable Software and Affected Versions: Doogee Note59, Doogee Note59 Pro, Doogee Note59 Pro+ (affected versions not specified). Description: A flaw exists within the com.sprd.engineermode component that could allow a local attacker to execute arbitrary code and escalate privileges. This i...
Exploit for Code Injection in Lubus Wp_Query_Console
CVE-2024-50498 / 0-Click RCE Exploit - Author: Joshua Provost...
CVE-2021-47853
phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...
Johnson Controls Inc. iSTAR Configuration Utility (ICU) tool
RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to cause a failure within the operating system of the machine hosting the ICU tool. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of this...
SUSE CVE-2021-47853
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Ruijie AP180 Series Operating System Command Injection Vulnerability
The Ruijie AP180 Series is a series of panel-type wireless access points produced by the Chinese company Ruijie. Previous versions of the Ruijie AP180 Series, including those with model number 11.94B1P8, had a vulnerability related to operating system command injection. This vulnerability stems...
CVE-2021-47853
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2021-47853
Removed by vendor...
EUVD-2026-3636
phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...
CVE-2025-36059
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the container to execute OS system calls...
CVE-2025-68133
CVE-2025-68133 affects the EVerest EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the OS memory and terminate the module by opening an unlimited number of TCP connections that do not proceed to ISO 15118-2 communication. This occurs because a new thread is sta...
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
Important Photon OS Security Update - PHSA-2026-5.0-0744
Updates of 'python3-urllib3' packages of Photon OS have been released...
UBUNTU-CVE-2025-33231
NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...
CVE-2025-36059
CVE-2025-36059 affects IBM Cloud Pak for Business Automation and IBM Business Automation Workflow containers: 25.0.0-IF002, 24.0.1-IF005, and 24.0.0-IF006. The root cause is a local user with container access being able to execute OS system calls. IBM bulletin notes remediation by applying fixed ...
CVE-2025-36059
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the container to execute OS system calls...
Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52431)
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...
PT-2026-3586
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the container to execute OS system calls...
IBM Business Automation Workflow security vulnerabilities
IBM Business Automation Workflow is a workflow automation solution developed by the American multinational company International Business Machines (IBM). This product is primarily used for workflow management and compliance control, and it features workflow visibility and scalability. Versions of I...