1489 matches found
CVE-2022-49358 netfilter: nf_tables: memleak flow rule from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: memleak flow rule from commit path. Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
CVE-2025-25790
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS v1.2.5 allows attackers to execute arbitrary code via uploading a crafted Zip file...
GHSA-W32M-9786-JP63
creationtimestamp| type| source
---|---|---
2025-02-25 19:44:55+00:00| seen| https://gist.github.com/ruokun-niu/25de36e2d9507c94536ff4058d807551...
CVE-2025-25943
Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4Stz2Atom::AP4Stz2Atom component located in Ap4Stz2Atom.cpp...
CVE-2024-27781
An improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0.0 through 4.0.4, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all...
PT-2025-17669
Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.9a. Description: The issue allows an attacker possible code execution via local input manipulation through the bezier spline function. Recommendations: For fig2dev version 3.2.9a, consider disabling the bezier spline function...
CVE-2025-21387
Microsoft Excel Remote Code Execution Vulnerability...
Microsoft Office Code Execution Vulnerability (CNVD-2025-10664)
Microsoft Office is an office software suite from the U.S. company Microsoft. The product's common components include Word, Excel, Access, PowerPoint, FrontPage, etc. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...
ROS-20250212-14
The vulnerability of the mkdtemp function of the Python programming language interpreter is related to the problem of introducing an argument. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
CVE-2024-0179
CVE-2024-0179 is an SMM Callout vulnerability in the AmdCpmDisplayFeatureSMM UEFI module that could allow locally authenticated attackers to overwrite SMRAM and execute arbitrary code. Root cause: insufficient input/data validation in the SMM callout mechanism. Impact: potential kernel- or ring-0...
CVE-2025-21394
Microsoft Excel Remote Code Execution Vulnerability...
CVE-2024-27781
CVE-2024-27781 is an XSS vulnerability in Fortinet FortiSandbox products due to improper neutralization of input during web page generation. The issue affects FortiSandbox versions 3.0.0–3.2.x, 4.0.0–4.0.4, 4.2.0–4.2.6, and 4.4.0–4.4.4, allowing an authenticated attacker to execute unauthorized c...
CVE-2023-40721
CVE-2023-40721 is a Fortinet vulnerability described as an externally-controlled format string (CWE-134) in FortiOS, FortiProxy, FortiPAM and related CLI handling. Affected products/versions are detailed in multiple sources (Fortinet advisories and PT-2025-6253): FortiOS 7.4.0–7.4.1 and prior to ...
CVE-2023-40721
A use of externally-controlled format string vulnerability (CWE-134) in Fortinet allows a privileged attacker to execute arbitrary code or commands via specially crafted requests...
CVE-2024-53977
A vulnerability has been identified in ModelSim All versions V2025.1, Questa All versions V2025.1. An example setup script contained in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inje...
RHEL 9 : gcc-toolset-14-gcc (RHSA-2025:1300)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1300 advisory. The gcc-toolset-14-gcc13 package contains the GNU Compiler Collection version 14. Security Fixes: jquery: Untrusted code execution via tag in HTML...
CVE-2021-46656
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-22195
Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to execute code on user system...
CVE-2022-24715
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6...
CVE-2022-24354
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.591035553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The...