Adobe Framemaker 代码问题漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An untrusted search path vulnerability exists in Adobe Framemaker, which could be exploited by an attacker to caus...

Adobe InDesign Desktop 缓冲区错误漏洞

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

Adobe Bridge 安全漏洞

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Incorrect use of LocateProtocol Service of the EFI_BOOT_Services table in SMI Handler

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54502| Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation...

PT-2026-32894

Name of the Vulnerable Software and Affected Versions Terrarium affected versions not specified Description A sandbox escape allows arbitrary code execution with root privileges on a host process. This is achieved through JavaScript prototype chain traversal, which enables a full container escape...

CVE-2026-37598

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=updatesettings...

CVE-2026-37598

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=updatesettings...

Webkul Krayin CRM 安全漏洞

Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses from the Indian company Webkul. Version 2.2.x of Webkul Krayin CRM contains a security vulnerability. This vulnerability stems from the admin/tinymce/upload endpoint, where an authenticated arbitrary fi...

APSB26-37 : Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and privilege escalation...

APSB26-39 : Security update available for Adobe Bridge

Adobe has released a security update for Adobe Bridge. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution and application denial-of-service...

APSB26-44 : Security update available for Adobe Acrobat Reader

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and arbitrary file system read...

ROS-20260414-73-0059

Vulnerability in kernel-lt related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

APSB26-42 : Security update available for Adobe Illustrator

Adobe has released an update for Adobe Illustrator. This update resolves a critical vulnerability that could lead to arbitrary code execution...

APSB26-33 : Security update available for Adobe InCopy

Adobe has released a security update for Adobe InCopy. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

APSB26-32 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution, application denial-of-service, and memory exposure...

Amazon Linux 2 : plexus-utils, --advisory ALAS2-2026-3233 (ALAS-2026-3233)

The version of plexus-utils installed on the remote host is prior to 3.0.9-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3233 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before...

MiracleLinux 8 : vim-8.0.1763-22.el8_10.1.ML.1 (AXSA:2026-423:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-423:06 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Redis, Lua vulnerabilities (USN-8169-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8169-1 advisory. It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker...

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller SAC and recommends...