MiracleLinux 3 : firefox-24.8.0-2.0.1.AXS3 (AXSA:2014-523:05)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-523:05 advisory. Description: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed wit...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by free usage in ANGLE. An attacker can exploit the vulnerability to execute arbitrary code on a system...

MiracleLinux 3 : kernel-2.6.18-371.3.AXS3 (AXSA:2014-405:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-405:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

MiracleLinux 7 : git-1.8.3.1-14.el7 (AXSA:2018-3186:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3186:02 advisory. git: arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235 Tenable has extracted the preceding description block directly...

Flexense Sync Breeze security vulnerability

Flexense Sync Breeze is a file synchronization tool developed by Flexense Corporation. The version 13.6.18 of Flexense Sync Breeze contains a security vulnerability. This vulnerability stems from the Windows service configuration, where a service path without quotes was used, potentially allowing...

CVE-2025-14237

CVE-2025-14237 is a buffer overflow in the XPS font parsing of Canon Small Office Multifunction Printers and Laser Printers. Affects firmware v06.02 and earlier across multiple Canon lines (Japan/US/Europe). The issue can allow a network attacker to cause a reboot/nonresponsive device or execute ...

CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47792 Remote Mouse 4.002 - Unquoted Service Path

Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access...

GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...

CVE-2026-23512

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows...

GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2021-47819

ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment section and execute system commands by accessing the uploaded...

EUVD-2026-2750

ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment section and execute system commands by accessing the uploaded...

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

CVE-2021-47775

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

CVE-2021-47775

CVE-2021-47775 affects YouTube Video Grabber (also called YouTube Downloader) version 1.9.9.1. The issue is a buffer overflow that allows arbitrary code execution by overwriting the Structured Exception Handler (SEH). An attacker can craft a 712-byte payload with SEH manipulation to trigger a bin...

USN-7965-1: SimGear vulnerability

It was discovered that SimGear could be made to bypass the sandboxing of Nasal scripts. An attacker could possibly use this issue to execute arbitrary code...

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Adobe Illustrator Specifically for versions 29.8.3, 30.0 and earlier. The vulnerabilities are in the way Adobe Illustrator handles specially crafted files. The first vulnerability involves an Unreliable Search Path issue that can lead to arbitrary code execution...

GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...