CVE-2026-26699

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...

Adobe After Effects has an out-of-bounds write vulnerability

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects 25.6 and...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from logical errors in several functions. These vulnerabilities could allow for the execution of arbitrary code and the escalation of local...

Personnel Property Equipment System 安全漏洞

Personnel Property Equipment System is a personnel property equipment management system developed by Jon Remus Sevellejo. Version 1.0 of Personnel Property Equipment System has security vulnerabilities; these vulnerabilities stem from arbitrary code execution in the...

OpenClaw OS Command Injection Vulnerability (CNVD-2026-13373)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an operating system command injection vulnerability that stems from the failure of maintainer/developer scripts/update-clawtributors.ts to properly filter construct command special characters, commands...

PT-2026-22612

Name of the Vulnerable Software and Affected Versions sourcecodester Personnel Property Equipment System version 1.0 Description The software contains a flaw that allows for arbitrary code execution. This issue is present in the 'ip/ppes/admin/admin change picture.php' component. Recommendations ...

Microsoft Hyper-V Code Execution Vulnerability (CNVD-2026-17151)

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

EUVD-2026-9198

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : rlottie vulnerabilities (USN-8058-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8058-1 advisory. It was discovered that rlottie did not properly handle certain inputs. An attacker could use this issue to cause a denial...

CVE-2026-26699

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...

Debian dla-4495 : thunderbird - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4495 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4495-1 [email protected]...

RHEL 8 : openssl (RHSA-2026:3364)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3364 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

CVE-2026-26699

CVE-2026-26699 affects sourcecodester Personnel Property Equipment System v1.0. Multiple sources report an arbitrary code execution vulnerability in ip/ppes/admin/admin_change_picture.php. The Red Hat/CIRCL/NVD entries confirm the vulnerable component, but do not provide detailed root-cause speci...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the Antlers-enabled control panel inputs. An attacker can execute arbitrary code in the application context by submitting specially crafted content to fields. This can result in full compromise of the...

RHEL 8 : openssl (RHSA-2026:3437)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3437 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

[SECURITY] [DSA 6152-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6152-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2026 https://www.debian.org/security/faq -...

CVE-2026-27653

The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges...

CVE-2026-2680

Reflected Cross-Site Scripting XSS on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es//incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser...

Exploit for CVE-2025-70341

CVE-2025-70341: Insecure Permissions + Arbitrary Code Executio...

CVE-2026-25191

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privileg...