Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30307, 24.001.30308, 25.001.21265, and earlier versions have a resource management...

ROS-20260310-73-0040

A vulnerability in the signature verification functions GOST DSA, EDDSA and ECDSA of the Nettle library is related to flaws in the cryptographic algorithms used. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by entering an invalid signature...

ROS-20260310-73-0016

Vulnerability in wireshark related to writing outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

ROS-20260310-73-0050

A vulnerability in the cmd/cgo component of the Go programming language is related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Security Vulnerabilities fixed in Firefox 148.0.2 — Mozilla

Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could resul...

Adobe Acrobat < 24.001.30356 / 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 24.001.30356 or 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability...

Adobe Premiere Pro < 25.6 Arbitrary code execution (APSB26-28)

The version of Adobe Premiere Pro installed on the remote Windows host is prior to 25.6. It is, therefore, affected by a vulnerability as referenced in the APSB26-28 advisory. - Out-of-bounds Read CWE-125 potentially leading to Arbitrary code execution CVE-2026-27269 Note that Nessus has not test...

Adobe Illustrator < 29.8.5 / 30.0 < 30.2 Multiple Vulnerabilities (APSB26-18)

The version of Adobe Illustrator installed on the remote Windows host is prior to 29.8.5, 30.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-18 advisory. - Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that...

Resource Injection

Overview Affected versions of this package are vulnerable to Resource Injection via the buildProxyPass function. An attacker can execute arbitrary code and access sensitive information by injecting malicious configuration into the nginx controller process. Remediation Upgrade...

Resource Injection

Overview Affected versions of this package are vulnerable to Resource Injection via the buildProxyPass function. An attacker can execute arbitrary code and access sensitive information by injecting malicious configuration into the nginx controller process. Remediation Upgrade...

[SECURITY] [DSA 6158-1] imagemagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6158-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 09, 2026 https://www.debian.org/security/faq -...

CVE-2026-3288

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via improper sanitization in the cleanUpString function. An attacker can execute arbitrary commands on the server by injecting specially crafted Liquidsoap string interpolation sequences into user-controllable...

EUVD-2025-208439

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

EUVD-2025-208438

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

EUVD-2026-10342

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

kernel: Linux kernel use-after-free in eventpoll

A flaw was found in the Linux kernel's eventpoll epoll mechanism. A local attacker could exploit a use-after-free vulnerability due to incorrect handling of the 'ep' refcount while the 'ep' mutex is still held. This can lead to memory corruption, potentially allowing the attacker to achieve...