Pyro3 安全漏洞

Pyro3 is a Python remote object invocation library developed by Irmen de Jong. Version 3.x of Pyro3 contains a security vulnerability, which stems from issues with the pickle protocol. This vulnerability could allow arbitrary code to be executed through specially crafted pickle string messages...

PT-2026-32498

Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...

EUVD-2026-22059

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

CVE-2026-31048

The CVE-2026-31048 issue affects Pyro v3.x, specifically its pickle protocol, where a crafted pickled string message can lead to arbitrary code execution. Multiple connected sources (NVD, Red Hat, Ubuntu, Nessus plugin, etc.) confirm the vulnerability and name Pyro v3.x as the affected component,...

Amazon Linux 2023 : plexus-utils, plexus-utils-javadoc (ALAS2023-2026-1545)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1545 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...

PT-2026-32371

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.0 Description Dag Authors can craft a malicious XCom payload that allows them to execute arbitrary code within the webserver context, bypassing the standard restriction that prevents them from executing cod...

VulnCheck KEV: CVE-2020-9715

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...

PT-2026-32446

Name of the Vulnerable Software and Affected Versions Decidim versions prior to 0.30.5 Decidim versions 0.31.0.rc1 through 0.31.0 Description A stored code execution issue in the user name field allows a low-privileged attacker to execute arbitrary code in the context of any user who passively...

RHEL 10 : openexr (RHSA-2026:7678)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7678 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...

MiracleLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (AXSA:2026-421:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-421:01 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffe...

Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2026-1547)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1547 advisory. A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. Thi...

ALSA-2026:7711 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-28421 vim: Vim: Arbitrary code...

ERB has an @_init deserialization guard bypass via def_module / def_method / def_class

ERB implements an @init guard to prevent code execution when ERB objects are reconstructed via Marshal.load on untrusted data. However, ERBdefmethod, ERBdefmodule, and ERBdefclass evaluate the template source without checking this guard, allowing an attacker who controls the data passed to...

Adobe Acrobat and Reader Prototype Pollution Vulnerability

Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution...

EUVD-2019-20133

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

EUVD-2018-21770

RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...

CVE-2019-25701

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

CVE-2019-25695

R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...

CVE-2018-25258

RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...