Ivanti Secure Access Client 信任管理问题漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a vulnerability related to trust management. This vulnerability stemmed from improper certificate verification, which could allow...

Trimble SketchUp 安全漏洞

Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...

CVE-2026-36228

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

Apache CXF 安全漏洞

Apache CXF is an open-source web service framework developed by the Apache Foundation in the United States. This framework supports various web service standards and multiple front-end programming APIs. There are security vulnerabilities in Apache CXF; these vulnerabilities arise from incomplete...

Easy Chat Server 安全漏洞

Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server contains a security vulnerability. This vulnerability stems from the UserName parameter, which allows for directory traversal. As a result, remote attackers may gain access to sensiti...

PT-2026-42753

The fix for CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE was not complete, meaning that another path in the code might lead to code execution capabilities, if untrusted users are allowed to configure JMS for Apache CXF. Users are recommended to upgrade to versions 4.2.1...

Microsoft Azure Orbital Spatio 代码问题漏洞

Microsoft Azure Orbital Spatio is a satellite geospatial data processing and analysis platform developed by Microsoft Corporation. There is a code vulnerability in Microsoft Azure Orbital Spatio, which stems from unlimited upload of dangerous types of files. This vulnerability could allow...

Easy Chat Server 安全漏洞

Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server has a security vulnerability. This vulnerability stems from a buffer overflow in the chat message function, which could allow remote attackers to obtain sensitive information and...

PT-2026-42732

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description Sandbox escape flaws in NodeVM allow unauthenticated remote code execution on the host server. The issue occurs because the dangerous builtin denylist in lib/builtin.js misses process and...

PT-2026-42930

CVE-2026-5297 - Here is a title for the vulnerability: Apache Struts Deserialization Remote Code Execution Vulnerability CVE ID :CVE-2026-5297 Published : May 21, 2026, 11:16 p.m. | 2 hours, 24 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numberi...

PT-2026-42704

A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...

CVE-2026-36228

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

CVE-2026-36227

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

PT-2026-42804

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

amazon-braket-sdk-python 安全漏洞

Amazon Braket SDK Python is a Python development toolkit for Amazon Braket’s open-source quantum computing service. Versions of Amazon Braket SDK Python prior to 1.117.0 contained a security vulnerability. This vulnerability stemmed from an insecure deserialization mechanism in the job result...

EUVD-2026-31472

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

CVE-2026-36228

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

Drupal Core SQL Injection Vulnerability

Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstraction API...

PT-2026-42831

Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The MLX inference backend uses the MLX-LM library, which imports and executes arbitrary Python files from model directories via the model file configuration field in the...

Unity Linux 20.1070e Security Update: resteasy (UTSA-2026-016699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016699 advisory. JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could...