206159 matches found
PT-2026-2792
Name of the Vulnerable Software and Affected Versions Enclave versions prior to 2.7.0 Description Enclave is a secure JavaScript sandbox used for safe AI agent code execution. A critical sandbox escape issue exists in enclave-vm, allowing untrusted JavaScript code to execute arbitrary code in the...
PT-2026-2380
Name of the Vulnerable Software and Affected Versions Wondershare UBackit version 2.0.5 Description The software contains an unquoted service path issue. This allows local users to potentially execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted path in the...
PT-2026-2377
Name of the Vulnerable Software and Affected Versions Wondershare Dr.Fone version 11.4.9 Description Wondershare Dr.Fone version 11.4.9 has an issue with an unquoted service path in the DFWSIDService. This could allow local users to potentially run arbitrary code. The unquoted path is located at...
Hewlett Packard Enterprise ArubaOS 安全漏洞
Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from the presence of a stack overflow that could lead to the execution of arbitrary code...
PT-2026-2393
Name of the Vulnerable Software and Affected Versions ProtonVPN version 1.26.0 Description ProtonVPN version 1.26.0 has an issue with an unquoted service path in its WireGuard service configuration. This could allow local attackers to potentially run arbitrary code. The issue arises because of th...
PT-2026-2399
Name of the Vulnerable Software and Affected Versions Cobian Backup version 0.9 Description A local user can execute arbitrary code with elevated system privileges. This is due to an unquoted service path in the CobianReflectorService, allowing attackers to inject malicious code that executes wit...
MiracleLinux 9 : perl-File-Find-Rule-0.34-19.1.el9_6 (AXSA:2025-10696:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10696:01 advisory. perl-file-find-rule: File::Find::Rule Arbitrary Code Execution CVE-2011-10007 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : gstreamer1-1.10.4-2.0.1.el7.AXS7 (AXSA:2025-11534:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11534:07 advisory. CVE-2024-47606: allocator: avoid integer overflow when allocating sysmem Fix documentation build with the newer gtk-doc CVEs: CVE-2024-47606 GStreamer is a...
MiracleLinux 9 : postgresql:16 (AXSA:2025-10800:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10800:01 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation...
MiracleLinux 9 : ghostscript-9.54.0-18.el9_6 (AXSA:2025-10460:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10460:03 advisory. ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is a suite of standalone Mozilla Application Suite Mozilla Thunderbird is a stand-alone e-mail client software from the Mozilla...
PT-2026-2654
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Thunderbird versions prior to 147 Description The software contains memory safety bugs that could potentially lead to arbitrary code execution. Some of these bugs demonstrate evidence of memory corruption...
PT-2026-2767
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...
Adobe Dreamweaver Desktop 操作系统命令注入漏洞
Adobe Dreamweaver Desktop is a web design and development software from Adobe. An operating system command injection vulnerability exists in Adobe Dreamweaver Desktop 21.6 and earlier versions, which stems from improper neutralization of specific elements in OS commands, and could lead to OS...
MiracleLinux 9 : freetype-2.10.4-9.el9.ML.2 (AXSA:2025-9776:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9776:01 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph...
KLA90833 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...
KLA90835 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of...
Security Vulnerabilities fixed in Thunderbird 140.7 — Mozilla
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
APSB26-01 : Security update available for Adobe DreamWeaver
Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and arbitrary file system write...
APSB26-04 : Security update available for Adobe InCopy
Adobe has released a security update for Adobe InCopy. This update addresses a critical vulnerability that could lead to arbitrary code execution...