SUSE SLES12 Security Update : postgresql15 (SUSE-SU-2026:0615-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0615-1 advisory. Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of serv...

SUSE SLES12 Security Update : postgresql16 (SUSE-SU-2026:0614-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0614-1 advisory. Update to version 16.12. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of serv...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the readWriteFile node in combination with git operations. An attacker can execute arbitrary commands on the host system by writing to specific configuration files and triggering a git operation. This is onl...

Eval Injection

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Eval Injection. An attacker can execute arbitrary code on the host system by submitting specially crafted form data that is interpreted as an expression. Note: This is only exploitable if a workflow...

Exploit for CVE-2025-49132

CVE-2025-49132 is a critical arbitrary code execution vulnerabil...

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume th...

Vulnerabilities fixed in SolarWinds Serv-U

SolarWinds has fixed vulnerabilities in Serv-U. The vulnerabilities are in how Serv-U controls access and processes data types. Attackers with administrative privileges can exploit these vulnerabilities to gain unauthorized system access and execute arbitrary code with elevated privileges. This c...

CVE-2025-40540

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

CVE-2026-25785

CVE-2026-25785 describes a path traversal vulnerability in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server, versions up to 9.4.7.3 and earlier. The issue could allow an attacker to tamper with arbitrary files and execute arbitrary code on the affected system via a network attack with l...

CVE-2026-25785

Path traversal vulnerability exists in Lanscope Endpoint Manager On-Premises Sub-Manager Server Ver.9.4.7.3 and earlier, which may allow an attacker to tamper with arbitrary files and execute arbitrary code on the affected system...

CVE-2026-25785

Path traversal vulnerability exists in Lanscope Endpoint Manager On-Premises Sub-Manager Server Ver.9.4.7.3 and earlier, which may allow an attacker to tamper with arbitrary files and execute arbitrary code on the affected system...

Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12868)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

Adobe After Effects Resource Management Error Vulnerability (CNVD-2026-12869)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from a resource management error vulnerability...

Adobe DNG SDK Buffer Overflow Vulnerability

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. A buffer overflow vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an...

Adobe After Effects Type Obfuscation Vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. A type confusion vulnerability exists in Adobe After Effects, which can be...

libvips 安全漏洞

libvips is an open-source fast image processing library with low memory requirements. Versions of libvips 8.18.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a heap buffer overflow in the function located in the file libvips/foreign/csvload.c, which could allow fo...

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration ...