120948 matches found
CVE-2025-60537
Improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java of kafka-ui v0.6.0 to v0.7.2 allows attackers to execute arbitrary code via supplying crafted data...
EUVD-2025-34493
Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2025-42213
Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Tenda AC7 /goform/saveAutoQos File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter enable in the file /goform/saveAutoQos that fails to correctly validate the length of the input data, and can be exploited by ...
SmartBI Security Vulnerability
SmartBI is a business intelligence software from China-based SmartBI. A security vulnerability exists in SmartBI versions V8, V9, and V10 that stems from an unrestricted file upload in the RMIServlet request processing logic, which could lead to the execution of arbitrary code...
Tenda W12 Buffer Overflow Vulnerability
The W12 is a high-performance wireless access point from Tenda, a Chinese company. A buffer overflow vulnerability exists in W12 version 3.0.0.6, which stems from the parameter mac of the function wifiMacFilterSet in the file /goform/modules of the HTTP Request Handler component, which fails to correctly...
PT-2025-42232
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
PT-2025-42227
The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theet ajax required plugins popup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files ...
WordPress plugin is-human Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-42214
The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...
RSUPPORT RemoteCall Remote Support Program Code Issue Vulnerability
RSUPPORT RemoteCall Remote Support Program is a remote assistance software from the Korean company RSUPPORT. A code issue vulnerability exists in RSUPPORT RemoteCall Remote Support Program versions prior to 5.3.0, which stems from an uncontrolled search path element that could lead to the executi...
PT-2025-42231
RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
Adobe Dimension < 4.1.5 Multiple Arbitrary code execution (APSB25-103) (macOS)
The version of Adobe Dimension installed on the remote macOS host is prior to 4.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-103 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2025-61801 - Out-of-bounds Read CWE-12...
UTT HiPER 840G Buffer Overflow Vulnerability
The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...
Adobe Animate Resource Management Error Vulnerability
Adobe Animate is a set of Flash animation software from the American company Adobe. A memory misreference vulnerability exists in Adobe Animate, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...
Tenda AC7 /goform/setNotUpgrade File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter newVersion in the file /goform/setNotUpgrade that fails to correctly validate the length and size of the input data, and can b...
PT-2025-42212
Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Adobe Dimension < 4.1.5 Multiple Arbitrary code execution (APSB25-103)
The version of Adobe Dimension installed on the remote Windows host is prior to 4.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-103 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2025-61801 - Out-of-bounds Read...
EUVD-2025-34473
Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-61802
Substance3D - Stager versions 3.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...