CVE-2025-13941

The CVE-2025-13941 entry concerns Foxit PDF Reader/Editor Update Service. The issue is a local privilege escalation caused by incorrect filesystem permissions assigned to resources used by the update service during plugin installation, enabling a low-privileged attacker to modify or replace those...

Apache NiFi 代码问题漏洞

Apache NiFi is a data processing and distribution system from the Apache USA Foundation. The system is primarily used for data routing, transformation, and system brokering logic. A code issue vulnerability exists in Apache NiFi versions 1.20.0 through 2.6.0 that stems from the GetAsanaObject...

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit, a Chinese company.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which...

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which stems from a post-release reuse vulnerability in the parsing of PDF files that could lead to the execution o...

PT-2025-52498

Name of the Vulnerable Software and Affected Versions GT Edge AI Platform versions prior to 2.0.10-dev Description An issue in GT Edge AI Platform allows attackers to execute arbitrary code by injecting a crafted JSON payload into the Prompt window. The vulnerability involves the potential for co...

libnbd 参数注入漏洞

libnbd is an open source library from libguestfs for editing NBD Network Block Device clients. A parameter injection vulnerability exists in libnbd, which stems from incorrect parsing of a specially crafted URI and could lead to arbitrary code execution...

KLA90828 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. Use after free vulnerability can be exploited to cause denial of service or...

GT Edge AI 安全漏洞

GT Edge AI is an edge AI solution from US-based GT Edge AI. A security vulnerability exists in versions prior to GT Edge AI v2.0.10-dev, which originates from the injection of a specially crafted JSON payload that could lead to the execution of arbitrary code...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Reader that originates from a heap buffer overflow when processing specially crafted JBIG2 data, which could lead to the execution of arbitrary code...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which stems from a post-release reuse in the handling of annotations and could lead to the execution of arbitrary...

CVE-2025-63665

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window...

CVE-2025-63665

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window...

PT-2025-52446

A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell SSH process,...

📄 Lepton CMS 7.4.0 Cross Site Scripting / Code Execution

Lepton CMS version 7.4.0 has a vulnerability which allows for a persistent cross site scripting payload to escalate into PHP execution through the droplet engine...

Linux Distros Unpatched Vulnerability : CVE-2025-14946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This...

Huawei EulerOS: Security Advisory for EDK2 (EulerOS-SA-2025-2571)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Foxit Reader Text Widget Format Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2025-2278 Foxit Reader Text Widget Format Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-59488 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Text Widget field object. A specially crafted JavaScript code inside ...

ROS-20251219-7306

A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before accessing a file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code if a user opens a specially generated ZIP archive...