CVE-2025-23299
NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code...
CVE-2025-23299
The CVE-2025-23299 entry affects NVIDIA Bluefield and ConnectX products with a vulnerability in the management interface that could let a high-privilege attacker execute arbitrary code locally. The issue is documented across multiple sources, and NVIDIA’s security bulletin lists concrete remediat...
CVE-2025-62526
OpenWrt ubusd (component of OpenWrt OS) is affected in versions prior to 24.10.4 by a heap buffer overflow in the event registration parsing code. Exploitation can modify the heap and potentially execute arbitrary code in the ubus daemon process, with actions occurring before ACL checks and enabl...
CVE-2025-49926
CVE-2025-49926 concerns the WordPress Kalium theme (Kalium) up to version 3.25. Risk arises from an improper generation of code, i.e., a code injection vulnerability that can lead to arbitrary code execution. Affected component: Laborator Kalium kalium (WordPress theme/plugin variant) with versio...
CVE-2025-49926 WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Laborator Kalium kalium allows Code Injection. This issue affects Kalium: from n/a through = 3.25...
PT-2025-43231
Name of the Vulnerable Software and Affected Versions: Boldermail versions through 2.4.0. Description: A flaw exists in Boldermail that allows for Object Injection due to deserialization of untrusted data. This issue impacts Boldermail and could potentially allow an attacker to execute arbitrary cod...
Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability
Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability allowing an attacker to execute arbitrary code by sending specially crafted packets...
WordPress plugin Captivate Sync security vulnerability
WordPress Captivate Sync plugin is a WordPress plugin developed by Captivate, which belongs to RebelBaseMedia's products and is mainly used to simplify the Podcast management process. WordPress Captivate Sync plugin suffers from a deserialization vulnerability that stems from unsafe deserializati...
Hikvision CSMP iSecure Center security vulnerability
Hikvision CSMP iSecure Center is an integrated security management platform from Hikvision China. A security vulnerability exists in Hikvision CSMP iSecure Center version 2024-08-01 and earlier, which stems from unverified execution of the $ command in JSON data, which could lead to the execution...
WordPress plugin JobSearch code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A code issue...
AMTT Hotel Broadband Operation System security vulnerability
AMTT Hotel Broadband Operation System is a hotel broadband operation system from China-based AmTech Century AMTT. A security vulnerability exists in the AMTT Hotel Broadband Operation System, which originates from an unauthenticated command injection in the /manager/radius/serverping.php endpoint...
FreeBSD : Mozilla -- Memory safety bugs (7b9a8247-ab7b-11f0-b961-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b9a8247-ab7b-11f0-b961-b42e991fc52e advisory. [email protected] reports: Some of these bugs showed evidence of memory corruption and we presume th...
Tenda AC6 security vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the speeddir parameter in the SetSpeedWan function failing to properly validate the length of the input data, and can be exploited by an...
Tenda AC6 security vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.06.50, which is caused by the SetClientState function failing to properly validate the length of the input data, and can be exploited by an attacker to execute...
Privilege Escalation
PyInstaller is vulnerable to Privilege Escalation. The vulnerability is due to the bootstrap process appending a special entry to sys.path and attempting to load an optional bytecode-decryption module while that entry is present, which allows an attacker who can create files/directories next to t...
JLSEC-2025-186 libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a...
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to git_index_add can cause heap corruption that could be leveraged for arbitrary code execution. There...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow in the DMS::InternalDecode function. An attacker can hijack the program's control flow by overwriting a return address to point to a libc function (ret2libc) and execute arbitrary code or cause a crash by providing special...
CVE-2025-11948
Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
Delta Electronics ASDA-Soft Stack Buffer Overflow Vulnerability
Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit the vulnerability to execute arbitrary code on the system or...