CVE-2025-60068 WordPress Javo Core plugin <= 3.0.0.266 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through = 3.0.0.266...

CVE-2025-60070 WordPress Molla - Multipurpose Responsive Shopify theme <= 1.5.13 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through = 1.5.13...

CVE-2025-60068 WordPress Javo Core plugin <= 3.0.0.266 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in javothemes Javo Core javo-core allows Code Injection.This issue affects Javo Core: from n/a through = 3.0.0.266...

CVE-2025-60070

CVE-2025-60070 concerns The4 Molla (WordPress theme/plugin Molla) with versions up to and including 1.5.13, where improper control of code generation enables code injection (arbitrary code execution). References consistently describe this as a vulnerability affecting Molla versions ≤ 1.5.13. The ...

CVE-2025-53524

Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVE-2025-67170

A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

MailEnableMailEnableMailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14405)

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from a MailEnable Insecure DLL Load vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

MailEnable Insecure DLL Loading Vulnerability (CNVD-2026-14402)

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

TeamViewer DEX Client Elevation of Privilege Vulnerability

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. An elevation of privilege vulnerability exists in TeamViewer DEX Client, which can be exploited by an attacker to cause elevation of privilege and execute arbitrary code...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW National Instruments LabVIEW version 2025 Q3 and earlier versions, which originates from an out-of-bounds write when parsing a corrupted ...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 146.0.1, which stems from a memory security issue that could lead to memory corruption and execution of arbitrary code...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from a stack buffer overflow when parsing a corrupted VI file, which could lead to...

PT-2025-52237

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions prior to 25.3 Description An out of bounds read issue exists in NI LabVIEW within the LVResFile::FindRsrcListEntry function when processing a damaged VI file. This can lead to information disclosure or arbitrary code...

PT-2025-52235

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions 2025 Q3 25.3 and prior Description An out of bounds read issue exists in NI LabVIEW within the lvre!DataSizeTDR function when processing a damaged VI file. Exploitation of this issue could lead to information disclosure or...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from an out-of-bounds read when parsing a corrupted VI file, which could lead to...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from an out-of-bounds read when parsing a corrupted VI file, which could lead to...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from an out-of-bounds read when parsing a corrupted VI file, which could lead to...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW National Instruments LabVIEW version 2025 Q3 and earlier versions, which originates from an out-of-bounds read when parsing a corrupted V...

Firefox -- Memory safety bugs

https://bugzilla.mozilla.org/buglist.cgi?bugid=1996570%2C1999700 reports: Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

PT-2025-52310

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A reflected cross-site scripting issue exists in Kentico Xperience. Authenticated users can inject malicious scripts into the administration interface. Exploitation allows attackers...