📄 Quick Playground for WordPress 1.3.1 Shell Upload

Proof of concept remote shell upload exploit for Quick Playground for WordPress plugin versions 1.3.1 and below. ================================================================================================================================== | Title : Quick Playground for WordPress 1.3.1 —...

Microsoft Windows 输入验证错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in input validation of Microsoft Windows. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 11...

FreeBSD-SA-26:33.unbound

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:33.unbound Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in unbound Category: contrib Module: unbound Announced: 2026-06-09 Affects:...

Microsoft Office Word 缓冲区错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft and open sourced in the United States. There is a buffer error vulnerability in Microsoft Office Word. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected:...

Microsoft Office 安全漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There are security vulnerabilities in Microsoft Office. Attackers can exploit these...

Microsoft Office 安全漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There are security vulnerabilities in Microsoft Office. Attackers can exploit these...

Microsoft Win32k 输入验证错误漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows. There is an input validation vulnerability in Microsoft Win32k. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Microsoft Excel for Androi...

NETGEAR 多款产品输入验证错误漏洞

NETGEAR is a router product from the American company NETGEAR. It is a hardware device used to connect two or more networks, acting as a gateway between them. Several NETGEAR products have a vulnerability related to input validation. This vulnerability allows attackers to intercept and tamper wit...

PT-2026-48240

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

PT-2026-47910

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A heap-based buffer overflow in the Remote Desktop Client allows an unauthorized attacker to execute code over a network. A heap-based buffer overflow occurs when a program writes...

PT-2026-47931

Name of the Vulnerable Software and Affected Versions Windows DHCP Client affected versions not specified Description A stack-based buffer overflow exists in the Windows DHCP Client, allowing an unauthorized remote attacker to execute arbitrary code over a network and affect the system. The issue...

Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within t...

NVIDIA Transformers4Rec Model.load Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Transformers4Rec. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Remote Desktop Client 资源管理错误漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected:...

ROS-20260609-73-0014

The vulnerability of the ngxhttprewritemodule module in NGINX Plus and NGINX Open Source web servers is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2026-11645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

RockyLinux 8 : samba (RLSA-2026:22644)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22644 advisory. samba: group policy certificate enrollment uses http:// without validation CVE-2026-3012 samba: Samba: Remote Code Execution in printing subsystem via...

KB5094041: Windows Server 2012 R2 Security Update (June 2026)

The remote Windows host is missing security update 5094041. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...

Linux Distros Unpatched Vulnerability : CVE-2026-11683

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML pag...

Linux Distros Unpatched Vulnerability : CVE-2026-11632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute...