Lucene search

120948 matches found

RedhatCVE
added 2025/10/15 12:51 a.m. | 10 views

CVE-2025-60537

Improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java of kafka-ui v0.6.0 to v0.7.2 allows attackers to execute arbitrary code via supplying crafted data...

CVSS 6.5 | AI score 7.8 | EPSS 0.00356
Exploits: 0 | References: 1

EUVD
added 2025/10/15 12:18 a.m. | 5 views

EUVD-2025-34493

Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8 | AI score 7.2 | EPSS 0.00243
Exploits: 0 | References: 2

Positive Technologies
added 2025/10/15 12:00 a.m. | 4 views

PT-2025-42213

Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8 | AI score 7.7 | EPSS 0.00243
Exploits: 0 | References: 2

CNVD
added 2025/10/15 12:00 a.m. | 9 views

Tenda AC7 /goform/saveAutoQos File Buffer Overflow Vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter enable in the file /goform/saveAutoQos that fails to correctly validate the length of the input data, and can be exploited by ...

CVSS 9 | AI score 8.3 | EPSS 0.00719
Exploits: 1 | References: 1

CNNVD
added 2025/10/15 12:00 a.m. | 2 views

SmartBI Security Vulnerability

SmartBI is a business intelligence software from China-based SmartBI. A security vulnerability exists in SmartBI versions V8, V9, and V10 that stems from an unrestricted file upload in the RMIServlet request processing logic, which could lead to the execution of arbitrary code...

CVSS 9.2 | AI score 7 | EPSS 0.00485
Exploits: 0 | References: 5

CNVD
added 2025/10/15 12:00 a.m. | 4 views

Tenda W12 Buffer Overflow Vulnerability

The W12 is a high-performance wireless access point from Tenda China Ltd. A buffer overflow vulnerability exists in W12 version 3.0.0.6, which stems from the parameter mac of the wifiMacFilterSet function in the file /goform/modules of the HTTP Request Handler component failing to correctly...

CVSS 9.8 | AI score 8.3 | EPSS 0.07891
Exploits: 1 | References: 1

Positive Technologies
added 2025/10/15 12:00 a.m. | 7 views

PT-2025-42232

RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

CVSS 8.5 | AI score 7.3 | EPSS 0.00157
Exploits: 0 | References: 3

Positive Technologies
added 2025/10/15 12:00 a.m. | 5 views

PT-2025-42227

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theet ajax required plugins popup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files ...

CVSS 8.8 | AI score 7.1 | EPSS 0.00682
Exploits: 0 | References: 3

CNNVD
added 2025/10/15 12:00 a.m. | 3 views

WordPress plugin is-human Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...

CVSS 9.3 | AI score 7.3 | EPSS 0.00436
Exploits: 0 | References: 6

Positive Technologies
added 2025/10/15 12:00 a.m. | 7 views

PT-2025-42214

The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

CVSS 9.3 | AI score 8.2 | EPSS 0.00436
Exploits: 0 | References: 6

CNNVD
added 2025/10/15 12:00 a.m. | 10 views

RSUPPORT RemoteCall Remote Support Program Code Issue Vulnerability

RSUPPORT RemoteCall Remote Support Program is a remote assistance software from the Korean company RSUPPORT. A code issue vulnerability exists in RSUPPORT RemoteCall Remote Support Program versions prior to 5.3.0, which stems from an uncontrolled search path element that could lead to the executi...

CVSS 8.5 | AI score 7.8 | EPSS 0.00157
Exploits: 0 | References: 3

Positive Technologies
added 2025/10/15 12:00 a.m. | 4 views

PT-2025-42231

RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

CVSS 8.5 | AI score 7.3 | EPSS 0.00157
Exploits: 0 | References: 3

Tenable Nessus
added 2025/10/15 12:00 a.m. | 6 views

Adobe Dimension < 4.1.5 Multiple Arbitrary code execution (APSB25-103) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 4.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-103 advisory.
- Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2025-61801
- Out-of-bounds Read CWE-12...

CVSS 7.8 | AI score 6.2 | EPSS 0.0021
Exploits: 0 | References: 5

CNVD
added 2025/10/15 12:00 a.m. | 2 views

UTT HiPER 840G Buffer Overflow Vulnerability

The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...

CVSS 9 | AI score 8.1 | EPSS 0.00874
Exploits: 1 | References: 1

CNNVD
added 2025/10/15 12:00 a.m. | 4 views

Adobe Animate Resource Management Error Vulnerability

Adobe Animate is a set of Flash animation software from the American company Adobe. A memory misreference vulnerability exists in Adobe Animate, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...

CVSS 7.8 | AI score 7.1 | EPSS 0.00231
Exploits: 0 | References: 1

CNVD
added 2025/10/15 12:00 a.m. | 3 views

Tenda AC7 /goform/setNotUpgrade File Buffer Overflow Vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter newVersion in the file /goform/setNotUpgrade that fails to correctly validate the length and size of the input data, and can b...

CVSS 9.8 | AI score 8.3 | EPSS 0.00786
Exploits: 1 | References: 1

Positive Technologies
added 2025/10/15 12:00 a.m. | 3 views

PT-2025-42212

Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8 | AI score 7.7 | EPSS 0.00231
Exploits: 0 | References: 2

Tenable Nessus
added 2025/10/15 12:00 a.m. | 5 views

Adobe Dimension < 4.1.5 Multiple Arbitrary code execution (APSB25-103)

The version of Adobe Dimension installed on the remote Windows host is prior to 4.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-103 advisory.
- Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2025-61801
- Out-of-bounds Read...

CVSS 7.8 | AI score 6.2 | EPSS 0.0021
Exploits: 0 | References: 5

EUVD
added 2025/10/14 9:30 p.m. | 3 views

EUVD-2025-34473

Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8 | AI score 7.2 | EPSS 0.00188
Exploits: 0 | References: 2

NVD
added 2025/10/14 8:15 p.m. | 3 views

CVE-2025-61802

Substance3D - Stager versions 3.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8 | EPSS 0.00197
Exploits: 0 | References: 1