RHEL 10 : gnupg2 (RHSA-2026:1629)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1629 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards...

ROS-20260202-73-0012

Vulnerability in kernel-lt related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260202-73-0007

Vulnerability in kernel-lt related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

OpenTelemetry-Go 代码问题漏洞

OpenTelemetry-Go is an open-source developer toolkit developed by OpenTelemetry - CNCF. Versions of OpenTelemetry-Go from 1.20.0 to 1.39.0 have code vulnerabilities. These vulnerabilities stem from path hijacking during the execution of the ioreg command in resource detection code, which may lead...

TP-Link Archer BE230 安全漏洞

The TP-Link Archer BE230 is a wireless router produced by TP-Link Corporation. The TP-Link Archer BE230 v1.2 1.2.4 Build 20251218 rel.70420 versions had security vulnerabilities. These vulnerabilities stemmed from OS command injection in the VPN module, which could allow for the execution of...

CVE-2020-37064

EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...

CVE-2020-37062 DHCP Turbo 4.6.1298- 'DHCP Turbo 4' Unquoted Service Path

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts...

CVE-2020-37063

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSyst...

CVE-2020-37063 TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSyst...

CVE-2020-37063

CVE-2020-37063 affects TFTP Turbo 4.6.1273 and is caused by an unquoted service path in the service configuration, enabling local attackers to inject and launch a malicious executable under LocalSystem permissions. The vulnerability can lead to arbitrary code execution with elevated privileges; C...

CVE-2020-37063 TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSyst...

EUVD-2020-30968

BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with...

CVE-2020-37061 BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path

BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with...

PT-2026-5576

Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:Program FilesVeritasNetBackupbinbpinetd.exe to inject malicious code that would...

PT-2026-5582

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSyst...

PT-2026-5583

EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:Program Files x86EPSON ProjectorEasyMP Network Projection V2 to inject malicio...

CVE-2026-25129

PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.11.23 and 0.12.19, PsySH automatically loads and executes a .psysh.php file from the Current Working Directory CWD on startup. If an attacker can write to a directory that a victim later uses as thei...

CVE-2026-1699

In the Eclipse Theia Website repository, the GitHub Actions workflow .github/workflows/preview.yml used pullrequesttarget trigger while checking out and executing untrusted pull request code. This allowed any GitHub user to execute arbitrary code in the repository's CI environment with access to...

EUVD-2020-30932

Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through a specially crafted inp...

EUVD-2020-30941

RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching...