CVE-2025-24064 Windows Domain Name Service Remote Code Execution Vulnerability

...

CVE-2025-24081 Microsoft Excel Remote Code Execution Vulnerability

...

CVE-2025-24057 Microsoft Office Remote Code Execution Vulnerability

...

CVE-2025-24043 WinDbg Remote Code Execution Vulnerability

...

CVE-2025-24813

A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...

CVE-2025-24813 Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through...

CVE-2025-2024

Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2025-2024 Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2025-27519 Cognita Arbitrary File Write

Cognita is a RAG Retrieval Augmented Generation Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setu...

Linux Distros Unpatched Vulnerability : CVE-2024-6345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions...

GHSA-3X5X-FW77-G54C dmlc/dgl Vulnerable to Remote Code Execution by Pickle Deserialization via rpc.recv_request()

Impact Dgl implements rpc server startserver in rpcserver.py for supporting the RPC communications among different remote users over networks. It relies on pickle serialize and deserialize to pack and unpack network messages. The is a known risk in pickle deserialization functionality that can be...

Zabbix 7.0.1rc1 Remote Code Execution

Zabbix server version 7.0.1rc1 remote code execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Zabbix server v 7.0.1rc1 PHP Code Injection...

Linux Distros Unpatched Vulnerability : CVE-2023-50230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...

Linux Distros Unpatched Vulnerability : CVE-2024-39705

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used...

Linux Distros Unpatched Vulnerability : CVE-2021-35196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure...

Linux Distros Unpatched Vulnerability : CVE-2022-29806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to...

Linux Distros Unpatched Vulnerability : CVE-2024-0444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary cod...

CVE-2025-26182

CVE-2025-26182 affects xxyopen novel plus prior to 4.4.0. The vulnerability allows a remote attacker to execute arbitrary code via the PageController.java file. The CVSS 3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N with base score 6.5 (MEDIUM). Connected sources corroborate the issue and men...

Linux Distros Unpatched Vulnerability : CVE-2016-9425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote...

Linux Distros Unpatched Vulnerability : CVE-2021-1870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001...