MiracleLinux 9 : ghostscript-9.54.0-18.el9_6 (AXSA:2025-10460:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10460:03 advisory. ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling...

PT-2026-2411

Name of the Vulnerable Software and Affected Versions Flame II HSPA USB Modem affected versions not specified Description The Flame II HSPA USB Modem contains a flaw due to an unquoted service path in its Windows service configuration. This allows attackers to potentially execute arbitrary code...

PT-2026-2769

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

siemens TeleControl Server Basic 安全漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. A security vulnerability exists in siemens TeleControl Server Basic versions prior to V3.1.2.4, which stems from a local elevation of privilege vulnerability that could lead to the execution of arbitrary co...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is a suite of standalone Mozilla Application Suite Mozilla Thunderbird is a stand-alone e-mail client software from the Mozilla...

PT-2026-2654

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Thunderbird versions prior to 147 Description The software contains memory safety bugs that could potentially lead to arbitrary code execution. Some of these bugs demonstrate evidence of memory corruption...

PT-2026-2768

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

PT-2026-2399

Name of the Vulnerable Software and Affected Versions Cobian Backup version 0.9 Description A local user can execute arbitrary code with elevated system privileges. This is due to an unquoted service path in the CobianReflectorService, allowing attackers to inject malicious code that executes wit...

PT-2026-2377

Name of the Vulnerable Software and Affected Versions Wondershare Dr.Fone version 11.4.9 Description Wondershare Dr.Fone version 11.4.9 has an issue with an unquoted service path in the DFWSIDService. This could allow local users to potentially run arbitrary code. The unquoted path is located at...

Microsoft Windows Desktop Window Manager Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the desktop window...

Adobe InDesign Desktop 安全漏洞

Adobe InDesign is a professional desktop publishing software developed by Adobe for layout and page layout in print and digital media. Adobe InDesign suffers from a heap buffer overflow vulnerability that originates from a partial overwrite of heap memory, which can be exploited by an attacker to...

Adobe Substance3D Sampler 缓冲区错误漏洞

Adobe Substance3D Sampler is a software for rendering 3D scenes from Audobee Adobe USA. A buffer error vulnerability exists in Adobe Substance3D Sampler 5.1.0 and prior versions, which stems from an out-of-bounds write and could lead to the execution of arbitrary code...

Cobian Backup 代码问题漏洞

Cobian Backup is a file backup software by Luis Cobian Personal Developer. A code issue vulnerability exists in Cobian Backup version 0.9, which stems from the presence of an unquoted service path to the CobianReflectorService, which could lead to the execution of arbitrary code by a local user...

Outline 代码问题漏洞

Outline is an Outline open source knowledge base. A code issue vulnerability exists in Outline version 1.6.0, which stems from unquoted service paths and could lead to a local attacker executing arbitrary code with elevated system privileges...

Adobe Bridge 安全漏洞

Adobe Bridge is a file viewer from the American company Audobee Adobe. A security vulnerability exists in Adobe Bridge version 15.1.2 and versions 16.0 and earlier, which stems from a heap-based buffer overflow that could lead to the execution of arbitrary code...

Adobe Dreamweaver Desktop 输入验证错误漏洞

Adobe Dreamweaver Desktop is a web design and development software from the American company Audobee Adobe. Adobe Dreamweaver Desktop is vulnerable to an incorrect input validation error vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the system...

Wondershare UBackit 代码问题漏洞

Wondershare UBackit is a computer data backup software from China's Wanxing Technology Wondershare. A code issue vulnerability exists in Wondershare UBackit version 2.0.5, which stems from an unquoted path to the wsbackup service, and could lead to the execution of arbitrary code and elevation of...

PT-2026-2380

Name of the Vulnerable Software and Affected Versions Wondershare UBackit version 2.0.5 Description The software contains an unquoted service path issue. This allows local users to potentially execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted path in the...

PT-2026-2638

Name of the Vulnerable Software and Affected Versions TYPO3 versions 10.0.0 through 10.4.54 TYPO3 versions 11.0.0 through 11.5.48 TYPO3 versions 12.0.0 through 12.4.40 TYPO3 versions 13.0.0 through 13.4.22 TYPO3 versions 14.0.0 through 14.0.1 Description A flaw exists in TYPO3 that allows local...

PT-2026-2767

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...