251947 matches found
SUSE CVE-2026-42211
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution RCE through external requests. This attack requires the application code to have an existing prototype pollution...
Tautulli 安全漏洞
Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities; these vulnerabilities stemmed from the newsletter custom template directory feature, which could lead to remote code execution...
Neterbit NW-431F Router 安全漏洞
The Neterbit NW-431F Router is a 4G LTE wireless router produced by the Neterbit company. The Neterbit NW-431F Router, version NW-431F-20241014-IR03, has a security vulnerability. This vulnerability stems from command injection in the atcommand.asp interface, which may allow remote attackers to...
PT-2026-46211
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
Mobatek MobaXterm 安全漏洞
Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. Version 12.1 of Mobatek MobaXterm contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured...
GX Group Earth 2022 ONT 操作系统命令注入漏洞
GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. The GX Group Earth 2022 ONT has a vulnerability related to operating system command injection. This vulnerability arises from improper handling of user input by multiple diagnostic...
PT-2026-46789
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
PT-2026-46297
Name of the Vulnerable Software and Affected Versions BarTender 2010 BarTender 2016 versions prior to R10 BarTender 2019 versions prior to R11 Description An unauthenticated remote code execution issue exists in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The...
CoreShop 代码注入漏洞
CoreShop is an open-source e-commerce system developed by CoreShop. Versions 5.0.1 to 5.1.0-beta.1 of CoreShop have a code injection vulnerability. This vulnerability arises from the GitHub Actions workflow using pullrequesttarget to trigger and inspect unvalidated code, potentially allowing remo...
VulnCheck KEV: CVE-2018-25270
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system...
CVE-2025-69755
An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted command to the atcommand.asp interface...
PT-2026-46487
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue exists where a remote attacker can execute arbitrary code. This is achieved by convincing a user to perform specific UI gestures while interacting with a...
PT-2026-46750
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code through malicious network traffic. Use after free is a memory corruption flaw that occurs when an...
PT-2026-46757
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description An inappropriate implementation in Safe Browsing allows a remote attacker to execute arbitrary code through the use of a malicious file. Recommendations Update to version...
PT-2026-46414
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue in Google Chrome on iOS allows a remote attacker to execute arbitrary code. This is achieved by inducing the victim to visit a specially crafted HTML page...
PT-2026-46602
Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.53 Description A use after free issue in WebRTC allows a remote attacker to execute arbitrary code through a specially crafted HTML page. Use after free is a memory corruption flaw that occur...
PT-2026-46488
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in the Input component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free i...
PT-2026-46430
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description A use after free issue exists where a remote attacker can execute arbitrary code. This is achieved by convincing a user to perform specific UI gestures while interacting with a...
PT-2026-46529
Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.53 Description A use after free issue in Fonts allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw tha...
PT-2026-46425
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free occurs when an application continues to use a pointer after ...