
120948 matches found

Cvelist
added 2025/10/20 7:25 a.m., 10 views

CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program (MR) and Detection agent (DA) improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

CVSS 9.8, EPSS 0.02689
Exploits: 0, References: 2

Japan Vulnerability Notes
added 2025/10/20 7:17 a.m., 3 views

Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel

Overview: Lanscope Endpoint Manager On-Premises provided by MOTEX Inc. contains the following vulnerability: Improper verification of source of a communication channel (CWE-940) - CVE-2025-61932. MOTEX Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...

CVSS 9.8, AI score 7.4, EPSS 0.02689
Exploits: 0, References: 4

Ubuntu
added 2025/10/20 6:5 a.m., 10 views

USN-7826-2: Samba vulnerabilities

USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Andrew Walker discovered that Samba incorrectly initialized memory in the vfs_streams_xattr module. An...

CVSS 10, AI score 5.6, EPSS 0.39677
Exploits: 2

NVD
added 2025/10/20 4:15 a.m., 6 views

CVE-2025-11948

Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVSS 9.8, EPSS 0.00922
Exploits: 0, References: 3

CVE
added 2025/10/20 3:28 a.m., 12 views

CVE-2025-11948

CVE-2025-11948 affects the Document Management System by Excellent Infotek. Descriptions across Red Hat, NVD, CIRCL and CVE lists report an Arbitrary File Upload vulnerability that enables unauthenticated remote attackers to upload and execute a web shell, leading to arbitrary code execution on t...

CVSS 9.8, AI score 8.1, EPSS 0.00922
Exploits: 0, References: 3

RedHat Linux
added 2025/10/20 2:25 a.m., 6 views

thunderbird: firefox: Memory safety bugs

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corrupti...

CVSS 8.8, AI score 7.4, EPSS 0.00306
Exploits: 0, References: 6

VulnCheck KEV
added 2025/10/20 12:0 a.m., 5 views

VulnCheck KEV: CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

CVSS 9.8, AI score 6.2, EPSS 0.29738
In wild, Exploits: 0, References: 2

CNNVD
added 2025/10/20 12:0 a.m., 4 views

TruffleHog security vulnerability

TruffleHog is an open source tool from Truffle Security. A security vulnerability exists in TruffleHog version 3.90.2: a specially crafted repository could lead to arbitrary code execution...

CVSS 7.8, AI score 7.3, EPSS 0.00284
Exploits: 0, References: 3

VulnCheck KEV
added 2025/10/20 12:0 a.m., 3 views

VulnCheck KEV: CVE-2025-61932

Lanscope Endpoint Manager On-Premises Client program (MR) and Detection agent (DA) improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...

CVSS 9.8, AI score 7.6, EPSS 0.02689
In wild, Exploits: 0, References: 9

CNNVD
added 2025/10/20 12:0 a.m., 5 views

SLiMS 9 Bulian security vulnerability

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which stems from...

CVSS 7.6, AI score 7, EPSS 0.0033
Exploits: 0, References: 2

CNNVD
added 2025/10/20 12:0 a.m., 4 views

GeoVision GV-BX1500 and GeoVision GV-MFD1501 security vulnerability

The GeoVision GV-BX1500 and GeoVision GV-MFD1501 are both a series of indoor IP cameras from GeoVision China. A security vulnerability exists in the GeoVision GV-BX1500 and GeoVision GV-MFD1501 that stems from a remote command injection in /PictureCatch.cgi, which could lead to the execution of...

CVSS 10, AI score 7.6, EPSS 0.01318
Exploits: 0, References: 6

Talos
added 2025/10/20 12:0 a.m., 6 views

Truffle Security Co. TruffleHog git arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2243: Truffle Security Co. TruffleHog git arbitrary code execution vulnerability. October 20, 2025. CVE Number: CVE-2025-41390. SUMMARY: An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially...

CVSS 7.8, AI score 7.4, EPSS 0.00284
Exploits: 0

OSV
added 2025/10/19 7:8 p.m., 3 views

JLSEC-2025-123 libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale h...

libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when...

CVSS 8.1, AI score 7.7, EPSS 0.01512
Exploits: 1, References: 6

Tenable Nessus
added 2025/10/18 12:0 a.m., 3 views

FreeBSD : Mozilla -- Memory safety bugs (ed132d42-ab81-11f0-b961-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ed132d42-ab81-11f0-b961-b42e991fc52e advisory. [email protected] reports: Memory safety bug. This bug showed evidence of memory corruption and we...

CVSS 9.8, AI score 8.5, EPSS 0.00332
Exploits: 0, References: 3

Slackware Linux
added 2025/10/17 11:5 p.m., 9 views

[slackware-security] sqlite

New sqlite packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sqlite-3.50.4-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: A memory corruption issue caused by improper handling...

CVSS 7.7, AI score 8.3, EPSS 0.73495
Exploits: 3

Snyk
added 2025/10/17 9:42 p.m., 2 views

Deserialization of Untrusted Data

Overview: pyquokka is a Quokka. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the do_action function in the flight.py file. An attacker can execute arbitrary code on the server by sending maliciously crafted serialized data through the network interface...

CVSS 9.8, AI score 7.8, EPSS 0.00761
Exploits: 1, References: 2

EUVD
added 2025/10/17 9:31 p.m., 4 views

EUVD-2025-34911

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file...

AI score 7.3, EPSS 0.00666
Exploits: 0, References: 4

NVD
added 2025/10/17 7:15 p.m., 7 views

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting (XSS) in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

CVSS 5.4, EPSS 0.00394
Exploits: 0, References: 3

OSV
added 2025/10/17 7:15 p.m., 5 views

CVE-2025-56218

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file...

CVSS 9.8, AI score 6.2, EPSS 0.00666
Exploits: 0, References: 3

OSV
added 2025/10/17 6:31 p.m., 6 views

GHSA-CVHH-Q5G5-QPRP Keras framework vulnerable to deserialization of untrusted data

Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being...

CVSS 9.8, AI score 7.4, EPSS 0.0071
Exploits: 0, References: 4