255307 matches found
VulnCheck KEV: CVE-2026-41089
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...
Linux Distros Unpatched Vulnerability : CVE-2026-10007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-9884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Browser in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-10021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTM...
SUSE SLES15 / openSUSE 15 Security Update : samba (SUSE-SU-2026:2074-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2074-1 advisory. This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification...
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2026:2076-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2076-1 advisory. This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on...
MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution
Exploit Title: MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution Date: 2026-05-14 Exploit Author: cardosource Vendor Homepage: https://github.com/mix-php/mix Software Link: https://github.com/mix-php/mix Version: 2.x through 2.2.17 Tested on: Ubuntu 26.04 LTS / PHP 8.3.6 CVE:...
Langflow 1.3.0 - Remote Code Execution
Exploit Title: Langflow 1.3.0 - Remote Code Execution Fofa-dork: title="Langflow" Shodan-dork: title:"Langflow" Date: 23-05-2026 Exploit Author: Diamorphine Venodor Homepage: https://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: 1.2.0 Tested on: Debian CVE :...
Linux Distros Unpatched Vulnerability : CVE-2026-9947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-9939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2026-9957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...
Linux Distros Unpatched Vulnerability : CVE-2026-9976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromi...
Linux Distros Unpatched Vulnerability : CVE-2026-9962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
ROS-20260529-73-0014
The vulnerability in openbao is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
TRENDnet TEW-432BRP 安全漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the file/goform/formSetPortTr, which could allow a remote attacker to execute an...
PT-2026-45539
Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Deserialization of untrusted data allows an authorized attacker to execute arbitrary code over a network, which can affect the system. Deserialization is the process of...
Linux Distros Unpatched Vulnerability : CVE-2026-9969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted...
SUSE SLES15 Security Update : redis (SUSE-SU-2026:2099-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2099-1 advisory. This update for redis fixes the following issues - CVE-2026-23479: use-after-free in unblock client flow may lead to remote code...
Veeam Service Provider Console 9.x < 9.2.1.33875 RCE (KB4853)
The version of Veeam Service Provider Console installed on the remote Windows host is prior to 9.2.1.33875. It is, therefore, affected by a remote code execution vulnerability: - A vulnerability in Veeam Service Provider Console allows for remote code execution. CVE-2026-32998 Note that Nessus ha...
Linux Distros Unpatched Vulnerability : CVE-2026-10015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...