CVE-2025-11739

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization...

CVE-2025-11739

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corrupti...

Security Bulletin: A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798]

Summary A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798 Vulnerability Details CVEID:CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java...

Security Bulletin: Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225]

Summary Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225 Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core up to and...

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

GHSA-9C4H-PWMF-M6FJ RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability

D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...

Uderzo SpaceSniffer 安全漏洞

Uderzo SpaceSniffer is a visualization tool developed by Uderzo Company for analyzing disk space usage. Version 2.0.5.18 of Uderzo SpaceSniffer contains a security vulnerability caused by a buffer overflow, which may lead to the execution of arbitrary code...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute under current...

Fortinet FortiWeb 安全漏洞

Fortinet FortiWeb is a Web application layer firewall developed by the American company Fortinet. It can block threats such as cross-site scripting, SQL injection, cookie poisoning, and schema poisoning, ensuring the security of web applications and protecting sensitive database content. There is...

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause arbitrary code to be executed in the...

APSB26-29 : Security update available for Adobe Substance 3D Stager

Adobe has released an update for Adobe Substance 3D Stager. This update addresses critical vulnerabilities in Adobe Substance 3D Stager that could lead to arbitrary code execution...

Adobe Illustrator 安全漏洞

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. Adobe Illustrator suffers from a stack buffer overflow vulnerability vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to...

PT-2026-24501

Name of the Vulnerable Software and Affected Versions Illustrator versions 29.8.4 and earlier Illustrator version 30.1 and earlier Description Illustrator versions 29.8.4 and 30.1, and earlier are susceptible to a Stack-based Buffer Overflow. Successful exploitation of this issue could lead to...

PT-2026-24500

Name of the Vulnerable Software and Affected Versions Illustrator versions 29.8.4 and earlier Illustrator version 30.1 Description The software contains an out-of-bounds write issue that may allow for arbitrary code execution with the privileges of the current user. Successful exploitation requir...

PT-2026-24393

Name of the Vulnerable Software and Affected Versions Substance3D - Stager versions 3.1.7 and earlier Description Substance3D - Stager versions 3.1.7 and earlier are susceptible to a Use After Free issue, potentially leading to arbitrary code execution with the privileges of the current user...

Siemens COMOS has multiple vulnerabilities

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. Versions 29.8.4, 30.1, and earlier of Adobe Illustrator have a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute in the current user...