206125 matches found
MiracleLinux 7 : firefox-52.3.0-2.0.2.el7.AXS7 (AXSA:2017-2105:05)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-2105:05 advisory. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...
MiracleLinux 7 : mercurial-2.6.2-7.el7 (AXEA:2017-1725:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXEA:2017-1725:01 advisory. - In Mercurial before 4.1.3, hg serve --stdio allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by...
Adobe InDesign Buffer Overflow Vulnerability (CNVD-2026-11772)
Adobe InDesign is a professional desktop publishing software developed by Adobe for layout and page layout in print and digital media. A buffer overflow vulnerability exists in Adobe InDesign, which is caused by an access to an uninitialized pointer error, and can be exploited by an attacker to...
Adobe Dreamweaver License Issue Vulnerability
Adobe Dreamweaver is a professional web code editor and web development tool developed by Adobe. Adobe Dreamweaver suffers from an authorization issue vulnerability that can be exploited by attackers to execute arbitrary code on the system...
Microsoft Windows NTFS Code Execution Vulnerability (CNVD-2026-17156)
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute arbitrary code on...
Adobe InDesign Buffer Overflow Vulnerability (CNVD-2026-11773)
Adobe InDesign is a professional desktop publishing software developed by Adobe for layout and page layout in print and digital media. Adobe InDesign suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Microsoft Windows NTFS Code Execution Vulnerability
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute arbitrary code on...
MiracleLinux 3 : pango-1.14.9-5AXS3 (AXSA:2009-50:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-50:01 advisory. Pango is a system for layout and rendering of internationalized text. Fixed bugs: CVE-2009-1194 Integer overflow in the pangoglyphstringsetsize function in...
MiracleLinux 7 : vim-7.4.160-1.el7.1 (AXSA:2016-1205:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1205:01 advisory. VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular...
MiracleLinux 4 : firefox-52.5.0-1.0.1.AXS4 (AXSA:2017-2420:06)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-2420:06 advisory. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...
Integer Overflow Vulnerability in Multiple Mozilla Products
Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...
Buffer overflow vulnerability in multiple Mozilla products (CNVD-2026-11804)
Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...
FreeRDP security vulnerabilities
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.21.0 contained security vulnerabilities. These vulnerabilities stemmed from the freerdpbitmapdecompressplanar function, which did not validate the nSrcWidth and nSrcHeight parameter...
Linux Distros Unpatched Vulnerability : CVE-2026-23534
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands deco...
PT-2026-3507
Name of the Vulnerable Software and Affected Versions Alchemy versions prior to 7.4.12 Alchemy versions prior to 8.0.3 Description Alchemy, a Ruby on Rails content management system, allows an authenticated attacker to execute arbitrary system commands on the host operating system. The applicatio...
Arbitrary Code Injection
Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...
CVE-2026-0863
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...
CVE-2026-0863
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...
CVE-2026-0863 Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...
[SECURITY] [DSA 6103-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6103-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 17, 2026 https://www.debian.org/security/faq -...