CVE-2026-25655

A vulnerability has been identified in SINEC NMS All versions V4.0 SP2. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative...

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

RLSA-2026:2222 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Heap buffer overflow leading to denial of service and...

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, release...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

PT-2026-7595

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

UTT 520W goform/formIpGroupConfig file buffer overflow vulnerability

The UTT 520W is a wireless router from China Aitai UTT. A buffer overflow vulnerability exists in the UTT 520W goform/formIpGroupConfig file, which originates from the failure of the parameter groupName in the file /goform/formIpGroupConfig to correctly validate the length of the input data, and...

PT-2026-7602

WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...

Allok RM RMVB to AVI MPEG DVD Converter 安全漏洞

Allok RM RMVB to AVI MPEG DVD Converter is a video encoding tool developed by Allok Corporation. Version 3.6.1217 of Allok RM RMVB to AVI MPEG DVD Converter contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the License Name input field, which may allow fo...

Zilab Remote Console Server 代码问题漏洞

Zilab Remote Console Server is a series of serial port servers developed by the German company Zilab. Version 3.2.9 of Zilab Remote Console Server contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code with elevat...

KLA90932 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Memory safety vulnerability can be exploited to execute...

AMD Secure Processor 安全漏洞

The AMD Secure Processor is an independent ARM Coretex-A5 chip developed by the American semiconductor company AMD. The AMD Secure Processor has a security vulnerability that stems from improper parameter handling, which may allow for the execution of arbitrary code...

DiskCache 安全漏洞

DiskCache: Disk Backed Cache is a disk backup cache tool developed by Grant Jenks. Versions of DiskCache 5.6.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the default use of Python pickle for serialization, which could allow attackers to execute arbitrary co...

AMD Vivado 安全漏洞

AMD Vivado is a hardware development and integrated design environment provided by the American semiconductor company AMD. AMD Vivado has security vulnerabilities, which stem from DLL hijacking. These vulnerabilities may allow local attackers to gain elevated privileges, enabling them to execute...

TOTOLINK A950RG Buffer Overflow Vulnerability

The TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A950RG suffers from a buffer overflow vulnerability that originates from insufficient validation of the urlKeyword parameter in the setParentalRules interface and failure to perfor...

CIPPlanner CIPAce 安全漏洞

CIPPlanner CIPAce is a business process automation and application development platform provided by the American company CIPPlanner. Versions of CIPPlanner CIPAce prior to version 9.17 contained security vulnerabilities. These vulnerabilities stemmed from the rich text editor and document...

TorrentRockYou Torrent FLV Converter 安全漏洞

TorrentRockYou Torrent FLV Converter is a video format conversion tool developed by TorrentRockYou Inc. Version 1.51 Build 117 of TorrentRockYou Torrent FLV Converter has a security vulnerability. This vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrar...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

TOTOLINK A3600R Buffer Overflow Vulnerability

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from the failure of apcliSsid, a parameter of the setAppEasyWizardConfig function in the /lib/cstemodules/app.so library, t...