CVE-2026-46368

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

EUVD-2022-48653

Malicious code in bioql PyPI...

EUVD-2021-9656

Malicious code in bioql PyPI...

CVE-2025-49219

An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that originates from allowing a remote attacker to execute arbitrary code on an affected installation...

PT-2025-12813 · Trend Micro · Trend Micro Apex One Security Agent Plug-In User Interface Manager

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One Security Agent Plug-in User Interface Manager affected versions not specified Description: A local attacker could bypass existing security and execute arbitrary code on affected installations. The attacker must first obta...

AVG AntiVirus Free 后置链接漏洞

AVG AntiVirus Free is a suite of free antivirus software from AVG. AVG AntiVirus Free suffers from a back-link vulnerability that originates from an attacker being able to create a denial-of-service condition on an affected installation, leaving it susceptible to denial-of-service attacks...

Ashlar Vellum Cobalt 安全漏洞

Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar. A security vulnerability exists in Ashlar Vellum Cobalt that stems from the presence of an uninitialized memory remote code execution vulnerability that could allow a remote attacker to execute...

Ashlar Vellum Graphite 安全漏洞

Ashlar Vellum Graphite is a CAD modeling software from Ashlar, Inc. A security vulnerability exists in Ashlar Vellum Graphite that stems from an out-of-bounds write remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an affected installation...

Ashlar Vellum 安全漏洞

Ashlar Vellum is Ashlar's development platform for computer-aided design CAD and 3D modeling software. A security vulnerability exists in Ashlar Vellum that stems from an out-of-bounds write remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an...

PT-2024-20738 · Kadence Blocks · Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: Gutenberg Blocks by Kadence Blocks versions prior to 3.2.26 Description: The issue is related to the Gutenberg Blocks by Kadence Blocks WordPress plugin, which does not validate and escape some of its block options before outputting them back...

CVE-2023-52325

A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In addition, an attacker...

CVE-2023-52090

A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

CVE-2023-52090

A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

CVE-2023-47196

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-47193

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

Trend Micro Apex One Security Vulnerability

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in the Trend Micro Apex One security agent. It could allow a local attacker to elevate privileges on an affected installation...

CVE-2023-30902

A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations...

Trend Micro Apex One Elevation of Privilege Vulnerability

Trend Micro Apex One is an endpoint protection software from Trend Micro, Inc. An elevation of privilege vulnerability exists in the 2019 on-prem, SaaS version of Trend Micro Apex One, which stems from the use of local time for Vulnerability Protection Service checks, which could be exploited to...

CVE-2022-41747

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...