PT-2026-45540

Name of the Vulnerable Software and Affected Versions AI Tensor Engine for ROCm AITER versions prior to 0.1.15 Description An unauthenticated remote code execution issue exists in the MessageQueue.recv function within shm broadcast.py. This occurs because a ZMQ SUB socket lacks authentication,...

PT-2026-45541

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

PT-2026-45254

Name of the Vulnerable Software and Affected Versions wlan AP driver affected versions not specified Description A heap buffer overflow in the wlan AP driver can lead to memory corruption. This issue allows for remote code execution with User execution privileges, requiring no user interaction fo...

PT-2026-45386

Name of the Vulnerable Software and Affected Versions Teamwork Cloud versions No Magic Release 2022x through No Magic Release 2026x Magic Collaboration Studio versions CATIA Magic Release 2022x through CATIA Magic Release 2026x Description An issue involving the deserialization of untrusted data...

PT-2026-45544

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server version 9.0 Description Remote code execution can occur due to the deserialization of untrusted data. This issue affects JAX-WS endpoints that utilize WS-Security...

PUB-A-449725859

In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-477022794

In mfccorenalqgetdecmetadataseinal of mfccorenalq.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45444

Name of the Vulnerable Software and Affected Versions Poppler affected versions not specified Description A flaw in the Splash backend allows a remote attacker to trigger an integer overflow in the tilingPatternFill function by using a specially crafted PDF file. This overflow causes an undersize...

PT-2026-45618

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the XCom PATCH...

IBM i Access 注入漏洞

IBM i Access is a set of IBM i platform client software developed by the American multinational company International Business Machines IBM. Versions 1.1.5.0 to 1.1.9.12 of IBM i Access, along with IBM i Access Client Solutions, have injection vulnerabilities. These vulnerabilities arise when the...

aiter 代码问题漏洞

aiter is a high-performance AI operator library open source by AMD ROCm™ Software, providing optimized GPU cores for inference and training. Versions of aiter prior to 0.1.14 contain code vulnerabilities. These vulnerabilities stem from unauthenticated remote code execution in the MessageQueue.re...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a buffer overflow in multiple functions within sdpdiscovery.cc. This vulnerability may lead to remote code execution, and it can be...

ArmCode Arm Whois 安全漏洞

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...

HP Poly Voice 安全漏洞

HP Poly Voice is a voice communication software developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP Poly Voice, which stems from a buffer overflow issue when administrators enable interactive connection establishment. This vulnerability may lead to remote...

Disig Web Signer 安全漏洞

Disig Web Signer is an electronic signature middleware platform developed by the Slovak company Disig. Versions 2.0.3 to 2.5.3 of Disig Web Signer contain security vulnerabilities, which stem from critical remote code execution vulnerabilities...

VulnCheck KEV: CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

PUB-A-449725960

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Dassault Systèmes Teamwork Cloud和Dassault Systèmes Magic Collaboration Studio 安全漏洞

Dassault Systèmes Teamwork Cloud and Dassault Systèmes Magic Collaboration Studio are both products of Dassault Systèmes, a French company. Dassault Systèmes Teamwork Cloud is a collaborative model version control and storage platform. Dassault Systèmes Magic Collaboration Studio is a cloud-based...

PUB-A-449159763

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...