CVE-2026-7703

A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 25.2 R3 is...

CVE-2026-7703

A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 25.2 R3 is...

CVE-2026-7704 AV Stumpfl Pixera Two Media Server Service Port 1338 path traversal

A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function of the component Service Port 1338. Such manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. Upgrading to version 25.2 R3...

CVE-2026-7703

A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 25.2 R3 is...

PT-2026-36708

Name of the Vulnerable Software and Affected Versions AV Stumpfl Pixera Two Media Server versions prior to 25.2 R3 Description An issue exists in an unknown function of the Service Port 1338 component. This flaw allows for path traversal, a technique used to access files and directories outside t...

EUVD-2026-16256

Sakai is a Collaboration and Learning Environment CLE. In versions 23.0 through 23.4 and 25.0 through 25.1, group titles and description can contain cross-site scripting scripts. The patch is included in releases 25.2 and 23.5. As a workaround, one can check the SAKAISITEGROUP table for titles an...

CVE-2026-3278 XSS Vulnerability discovered in OpenText™ ZENworks Service Desk.

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ ZENworks Service Desk allows Cross-Site Scripting XSS. The vulnerability could allow an attacker to execute arbitrary JavaScript leading to unauthorized actions on behalf of the user.This...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libreoffice (UTSA-2026-005915)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005915 advisory. LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specif...

CVE-2026-1658

User Interface UI Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Director...

CVE-2026-1658

User Interface UI Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Director...

OpenText Directory Services（OTDS） 安全漏洞

OpenText Directory Services OTDS is an information management solution provided by the Canadian company OpenText. It integrates OpenText products and solutions with the company’s enterprise directory infrastructure. Vulnerabilities exist in versions 20.4.1 to 25.2 of OpenText Directory Services,...

EUVD-2025-203361

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

KLA90820 SB vulnerability was found in LibreOffice

Security bypass vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories CVE-2025-14714: TCC Bypass via Inherited Permissions in Bundled Interpreter Related products LibreOffice CVE list CVE-2025-14714 warning...

EUVD-2025-93494

Uncontrolled search path for some Intel Driver and Support Assistant before version 25.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This...

Intel® DSA Software Advisory

Summary: A potential security vulnerability for some Intel® Driver & Support Assistant Intel® DSA software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-30506 Description: Uncontrolled search...

Ericsson Network Manager 安全漏洞

Ericsson Network Manager is a network manager from Ericsson Sweden. It covers monitoring, troubleshooting, configuration, automation and optimization of networks. A security vulnerability exists in Ericsson Network Manager ENM prior to version 25.2 GA, which stems from a vulnerability that could...

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2025-16373)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects version...

Adobe After Effects 代码问题漏洞

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A null pointer dereference vulnerability exists in Adobe After Effects...

Adobe Illustrator Multiple Vulnerabilities (APSB21-24) - Windows

Adobe Illustrator is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

CVE-2021-21105 Adobe Illustrator memory corruption vulnerability could lead to remote code execution

Adobe Illustrator version 25.2 and earlier is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires...