CVE-2026-21349

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

HashiCorp next-mdx-remote 安全漏洞

HashiCorp next-mdx-remote is a content rendering tool developed by the American company HashiCorp. Versions of HashiCorp next-mdx-remote prior to version 6.0.0 contained security vulnerabilities, which were due to insufficient MDX content cleanup and could lead to arbitrary code execution...

InternetSoft Domain Quester Pro 安全漏洞

InternetSoft Domain Quester Pro is a domain name search and query tool provided by InternetSoft Corporation. Version 6.02 of InternetSoft Domain Quester Pro contains a security vulnerability. This vulnerability stems from a stack overflow issue in the Domain Name Keywords input field, which could...

CVE-2025-63421

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file...

CVE-2025-63421

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file...

AMD Vivado Documentation Navigator installation 安全漏洞

The AMD Vivado Documentation Navigator installation is an integrated document management software tool developed by AMD, a US semiconductor company. The AMD Vivado Documentation Navigator installation contains a security vulnerability, which stems from DLL hijacking. This vulnerability may allow...

InternetSoft FTP Commander Pro 安全漏洞

InternetSoft FTP Commander Pro is an FTP software developed by InternetSoft Corporation. Version 8.03 of InternetSoft FTP Commander Pro contains a security vulnerability. This vulnerability stems from the possibility of local stack overflows when custom commands are entered, which could lead to t...

CVE-2025-63421

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file...

PT-2026-7878

A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

Microsoft Windows win32kfull Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

PT-2026-7864

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file...

CVE-2025-63421

CVE-2025-63421 affects Filosoft Comerc.32 Commercial Invoicing v16.0.0.3. The issue arises from a flaw in the comeinst.exe file that allows a local attacker to execute arbitrary code. CVSS v3.1 indicates a HIGH base score (7.8) with LOCAL access, LOW attack complexity, and privileges required, no...

Adobe Lightroom Desktop Out-of-Bounds Write Vulnerability

Adobe Lightroom Desktop is a professional photo management and editing software from the American company Audobee Adobe, designed to provide photographers and image editors with powerful workflow and editing tools. Adobe Lightroom Desktop suffers from an out-of-bounds write vulnerability that can...

Mersenne Research Prime95 安全漏洞

Mersenne Research Prime95 is an open-source software developed by Mersenne Research, running on Windows operating systems. Version 29.8 build 6 of Mersenne Research Prime95 contains a security vulnerability. This vulnerability stems from a buffer overflow in the user ID input field, which could...

authentik 代码注入漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 2025.8.6, 2025.10.4, and 2025.12.4 have a code injection vulnerability. This vulnerability allows users with specific permissions to execute arbitrary code through test endpoints...

PT-2026-7850

Name of the Vulnerable Software and Affected Versions AMD power management firmware PMFW affected versions not specified Description An unintended proxy or intermediary in the AMD power management firmware PMFW could allow a privileged attacker to send malformed messages to the system management...

PT-2026-7935

SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler SEH...

PT-2026-7931

FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the EIP register through a custom command input. Attackers can craft a malicious payload of 4108 bytes to overwrite memory and execute shellcode, demonstrating remot...

PostgreSQL 安全漏洞

PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Security vulnerabilities existed in versions prior to PostgreSQL...

PostgreSQL 安全漏洞

PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Vulnerabilities existed in versions prior to PostgreSQL 18.2, 17....