120826 matches found
UBUNTU-CVE-2025-64524
cups-filters contains backends, filters, and other software required to get the CUPS printing service working on operating systems other than macOS. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault...
CVE-2025-40604
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...
Fortinet FortiADC Buffer Overflow Vulnerability (CNVD-2025-29156)
Fortinet FortiADC is an application delivery controller from Fortinet, Inc. The Fortinet FortiADC suffers from a buffer overflow vulnerability that originates from a boundary error when an application processes untrusted input. An attacker could exploit this vulnerability to execute arbitrary cod...
Siemens PS/IGES Parasolid Translator Component Out-of-Bounds Read Vulnerability
The Parasolid Translator Component is a single-format translation toolkit for high-speed end-to-end translation between Parasolid and multiple industry formats such as STEP or IGES. An out-of-bounds read vulnerability exists in versions prior to Siemens PS/IGES Parasolid Translator Component...
CVE-2025-63848
The CVE-2025-63848 entry describes a stored XSS vulnerability in SWISH (SWI‑Prolog SWISH Web IDE) up to version 2.2.0. The issue allows an attacker to execute arbitrary code via a crafted notebook in the Web IDE, indicating code execution impact tied to the web interface. Affected component: SWIS...
IBM webMethods Integration Code Issue Vulnerability
IBM webMethods Integration is a hybrid enterprise iPaaS from International Business Machines IBM. A code issue vulnerability exists in IBM webMethods Integration versions 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6, which stems from deserialization of...
SonicWALL Email Security Security Vulnerability
SonicWALL Email Security is an email security system from SonicWALL USA. A security vulnerability exists in SonicWall Email Security that originates from the download of an unverified signed root filesystem image, which could lead to the execution of arbitrary code...
SWI-Prolog SWISH Security Vulnerability
SWI-Prolog SWISH is a Web Integrated Development Environment from the SWI-Prolog organization. A security vulnerability exists in SWI-Prolog SWISH version 2.2.0 and earlier, which stems from stored cross-site scripting and could lead to the execution of arbitrary code...
Tenda AC21 Security Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11ac Wave 2 technology, with a dual-band concurrent rate of up to 2033Mbps, of which the 5GHz band rate is up to 1733Mbps, to meet high-bandwidth applications, such as ...
PT-2025-47605
Name of the Vulnerable Software and Affected Versions: SWISH prolog versions through 2.2.0. Description: A stored cross site scripting issue exists in SWISH prolog through version 2.2.0. This allows attackers to execute arbitrary code through a specially crafted web IDE notebook. The issue involves...
PT-2025-47639
Name of the Vulnerable Software and Affected Versions: IBM webMethods Integration versions 10.11 through 10.11 Core Fix22; IBM webMethods Integration versions 10.15 through 10.15 Core Fix22; IBM webMethods Integration versions 11.1 through 11.1 Core Fix6. Description: IBM webMethods Integration allows...
Medical Informatics Engineering Enterprise Health Security Vulnerability
Medical Informatics Engineering Enterprise Health is a healthcare solution from US-based Medical Informatics Engineering. A security vulnerability exists in Medical Informatics Engineering Enterprise Health that stems from a stored cross-site scripting attack that could lead to the execution of...
TencentOS Server 3: expat (TSSA-2023:0141)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0141 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: perl-File-Find-Rule (TSSA-2025:0470)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0470 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: emacs (TSSA-2025:0303)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0303 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: postgresql:10 (TSSA-2023:0321)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0321 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2025-63211
Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to execute arbitrary code via the addName parameter to the /vbc/core/userSetupDoc/userSetupDoc endpoint...
CVE-2025-34324
GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. The manifest contains package URLs and SHA-256 hashes but is not digitally signed, so its authenticity relies solely on the underlying TLS channel. In affected versions, TLS certificate...
CVE-2025-48839
An Out-of-bounds Write vulnerability CWE-787 in FortiADC 8.0.0, 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to execute arbitrary code via specially crafted HTTP requests...
CVE-2025-34333 AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process...