CBL Mariner 2.0 Security Update: redis / valkey (CVE-2025-32023)

The version of redis / valkey installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32023 advisory. - Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5,...

BIT-MARIADB-2024-27766

An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the libmysqludfsys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

CVE-2025-3946 Incorrect response generation during FTEB protocol processing

The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in incorrect handling of packets leading t...

CVE-2025-2521

CVE-2025-2521 concerns a memory buffer vulnerability in the Control Data Access (CDA) component of Honeywell’s Experion PKS and OneWireless WDM . The issue is an overread of buffers due to lack of proper index validation against buffer borders, which could lead to remote code execution . Affected...

CVE-2025-47988 Azure Monitor Agent Remote Code Execution Vulnerability

...

CVE-2025-49729 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2025-49703 Microsoft Word Remote Code Execution Vulnerability

...

CVE-2025-49698 Microsoft Word Remote Code Execution Vulnerability

...

CVE-2025-49697 Microsoft Office Remote Code Execution Vulnerability

...

CVE-2025-49695 Microsoft Office Remote Code Execution Vulnerability

...

CVE-2025-48822 Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability

...

CVE-2025-48805 Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

...

CVE-2025-49711 Microsoft Excel Remote Code Execution Vulnerability

...

Advisory ROSA-SA-2025-2906

Software: sudo 1.8.29 OS: ROSA Virtualization 2.1 packageevrstring: sudo-1.8.29-8.rv3.1 CVE-ID: CVE-2025-32463 BDU-ID: 2025-07765 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sudo system administration program is related to the inclusion of functions from an invalid controlled area when using...

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PT-2025-28473 · Unknown · Node-Code-Sandbox-Mcp

Name of the Vulnerable Software and Affected Versions: node-code-sandbox-mcp versions prior to 1.3.0 Description: The issue is caused by the unsanitized use of input parameters within a call to child process.execSync, enabling an attacker to inject arbitrary system commands. Successful exploitati...

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...