25165 matches found
Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞
Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Cloud Files Mini Filter Driver. An attacker could exploit the vulnerability to elevate privileges. The following products and version...
Fortinet FortiSandbox 操作系统命令注入漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from US-based Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. An operating system command injection vulnerability exists in Fortine...
PT-2025-50090
Name of the Vulnerable Software and Affected Versions Yandex Telemost versions prior to 2.19.1 Description An uncontrolled search path element issue exists in Yandex Telemost on MacOS, enabling search order hijacking. This allows an attacker to potentially manipulate the system's search path to...
Important Photon OS Security Update - PHSA-2025-4.0-0924
Updates of 'linux' packages of Photon OS have been released...
Mozilla Firefox ESR < 140.6
The version of Firefox ESR installed on the remote Windows host is prior to 140.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-94 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 146 and Firefox ESR 140.6...
CVE-2023-53744
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xxpmprobe wkupm3ipcget takes refcount, which should be freed by wkupm3ipcput. Add missing refcount release in the error paths...
📄 Microsoft Windows LNK File UI Misrepresentation Remote Code Execution
A critical vulnerability exists in Microsoft Windows LNK file handling that allows attackers to create malicious shortcut files that appear legitimate in Windows Explorer while executing arbitrary commands. The vulnerability is a UI misrepresentation flaw where Windows incorrectly displays file...
Huawei EMUI和Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is Huawei's self-developed distributed operating system, designed for cell phones, tablets, smart homes and other full-scene devices to achieve seamless cross-device collaboration. Huawei EMUI is Huawei's deeply customized mobile operating system based on Android. A privilege...
Google Android 安全漏洞
Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a logic error vulnerability that stems from a logic error issue in Session.java, which can be exploited by an attacker to view images of other users on the...
CVE-2025-40297
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...
Exploit for OS Command Injection in Clam_Anti-Virus Clamav
Sendmail + ClamAV-Milter Exploit CVE-2007-4560 Python RCE e...
TykoTech Fork 操作系统命令注入漏洞
TykoTech Fork is an AI integration tool for LionTech individual developers. An OS command injection vulnerability exists in TykoTech Fork version 0.1, which stems from misuse of the parameter authorizationUrl in the file /.well-known/oauth-authorization-server, which could lead to os command...
CVE-2025-14092
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2025-14094
Edimax BR-6478AC V3 (firmware 1.0.15) is affected by an OS command injection in the function sub_44CCE4 of /boafrm/formSysCmd. The vulnerability arises from manipulating the sysCmd argument, enabling remote execution of commands. Public exploit code exists, and multiple sources confirm the attack...
EUVD-2025-201307
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including...
EUVD-2025-201318
User interface ui misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network...
Important Photon OS Security Update - PHSA-2025-5.0-0705
Updates of 'linux-esx', 'linux' packages of Photon OS have been released...
Photon OS 4.0: Linux PHSA-2025-4.0-0919
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0919. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2025-13940
An Expected Behavior Violation CWE-440 vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the...
CVE-2025-12196
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...