Adobe Dreamweaver Desktop 输入验证错误漏洞

Adobe Dreamweaver Desktop is a web design and development software from the American company Audobee Adobe. Adobe Dreamweaver Desktop is vulnerable to an incorrect input validation error vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the system...

Wondershare UBackit 代码问题漏洞

Wondershare UBackit is a computer data backup software from China's Wanxing Technology Wondershare. A code issue vulnerability exists in Wondershare UBackit version 2.0.5, which stems from an unquoted path to the wsbackup service, and could lead to the execution of arbitrary code and elevation of...

PT-2026-2380

Name of the Vulnerable Software and Affected Versions Wondershare UBackit version 2.0.5 Description The software contains an unquoted service path issue. This allows local users to potentially execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted path in the...

PT-2026-2767

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...

PT-2026-2803

Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pull request target trigger combined with checkout of untrusted ...

Linbit csync2 安全漏洞

Linbit csync2 is a cluster synchronization tool from Austrian company Linbit, which is primarily used to keep files on multiple hosts in a cluster synchronized. A security vulnerability exists in Linbit csync2 versions 4.6.0 through 4.9.0, which stems from a remote stack-based buffer overflow in...

Adobe Substance3D Painter 缓冲区错误漏洞

Adobe Substance3D Painter is a 3D scene builder from Audobee Adobe USA. A buffer error vulnerability exists in Adobe Substance3D Painter 11.0.3 and prior versions, which stems from an out-of-bounds write and could lead to the execution of arbitrary code...

PT-2026-2792

Name of the Vulnerable Software and Affected Versions Enclave versions prior to 2.7.0 Description Enclave is a secure JavaScript sandbox used for safe AI agent code execution. A critical sandbox escape issue exists in enclave-vm, allowing untrusted JavaScript code to execute arbitrary code in the...

KLA90833 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

KLA90835 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of...

PT-2026-2391

Name of the Vulnerable Software and Affected Versions PTPublisher version 2.3.4 Description The software contains an unquoted service path vulnerability in the PTProtect service. This allows local attackers to potentially execute arbitrary code with elevated privileges. The vulnerable path is...

PT-2026-2654

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Thunderbird versions prior to 147 Description The software contains memory safety bugs that could potentially lead to arbitrary code execution. Some of these bugs demonstrate evidence of memory corruption...

PT-2026-2768

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

PT-2026-2772

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-2777

InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Hewlett Packard Enterprise ArubaOS 安全漏洞

Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from the presence of a stack overflow that could lead to the execution of arbitrary code...

MiracleLinux 7 : gstreamer1-1.10.4-2.0.1.el7.AXS7 (AXSA:2025-11534:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11534:07 advisory. CVE-2024-47606: allocator: avoid integer overflow when allocating sysmem Fix documentation build with the newer gtk-doc CVEs: CVE-2024-47606 GStreamer is a...

MiracleLinux 9 : freetype-2.10.4-9.el9.ML.2 (AXSA:2025-9776:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9776:01 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph...

MiracleLinux 9 : postgresql:16 (AXSA:2025-10800:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10800:01 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation...

MiracleLinux 9 : perl-File-Find-Rule-0.34-19.1.el9_6 (AXSA:2025-10696:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10696:01 advisory. perl-file-find-rule: File::Find::Rule Arbitrary Code Execution CVE-2011-10007 Tenable has extracted the preceding description block directly from the...