Lucene search
K

206159 matches found

Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2792

Name of the Vulnerable Software and Affected Versions Enclave versions prior to 2.7.0 Description Enclave is a secure JavaScript sandbox used for safe AI agent code execution. A critical sandbox escape issue exists in enclave-vm, allowing untrusted JavaScript code to execute arbitrary code in the...

10CVSS7.7AI score0.00588EPSS
Exploits3References11
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2380

Name of the Vulnerable Software and Affected Versions Wondershare UBackit version 2.0.5 Description The software contains an unquoted service path issue. This allows local users to potentially execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted path in the...

8.5CVSS7.2AI score0.00132EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.4 views

PT-2026-2377

Name of the Vulnerable Software and Affected Versions Wondershare Dr.Fone version 11.4.9 Description Wondershare Dr.Fone version 11.4.9 has an issue with an unquoted service path in the DFWSIDService. This could allow local users to potentially run arbitrary code. The unquoted path is located at...

8.5CVSS6.4AI score0.00226EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Hewlett Packard Enterprise ArubaOS 安全漏洞

Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from the presence of a stack overflow that could lead to the execution of arbitrary code...

7.2CVSS6.1AI score0.00477EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.7 views

PT-2026-2393

Name of the Vulnerable Software and Affected Versions ProtonVPN version 1.26.0 Description ProtonVPN version 1.26.0 has an issue with an unquoted service path in its WireGuard service configuration. This could allow local attackers to potentially run arbitrary code. The issue arises because of th...

8.5CVSS6.7AI score0.00193EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.4 views

PT-2026-2399

Name of the Vulnerable Software and Affected Versions Cobian Backup version 0.9 Description A local user can execute arbitrary code with elevated system privileges. This is due to an unquoted service path in the CobianReflectorService, allowing attackers to inject malicious code that executes wit...

8.5CVSS7.5AI score0.00195EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 9 : perl-File-Find-Rule-0.34-19.1.el9_6 (AXSA:2025-10696:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10696:01 advisory. perl-file-find-rule: File::Find::Rule Arbitrary Code Execution CVE-2011-10007 Tenable has extracted the preceding description block directly from the...

8.8CVSS7.9AI score0.00736EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

MiracleLinux 7 : gstreamer1-1.10.4-2.0.1.el7.AXS7 (AXSA:2025-11534:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11534:07 advisory. CVE-2024-47606: allocator: avoid integer overflow when allocating sysmem Fix documentation build with the newer gtk-doc CVEs: CVE-2024-47606 GStreamer is a...

9.8CVSS8.1AI score0.01344EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

MiracleLinux 9 : postgresql:16 (AXSA:2025-10800:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10800:01 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation...

8.8CVSS8.5AI score0.00709EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : ghostscript-9.54.0-18.el9_6 (AXSA:2025-10460:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10460:03 advisory. ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling...

8.4CVSS6.7AI score0.0153EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.3 views

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is a suite of standalone Mozilla Application Suite Mozilla Thunderbird is a stand-alone e-mail client software from the Mozilla...

9.8CVSS7.5AI score0.00404EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.2 views

PT-2026-2654

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Thunderbird versions prior to 147 Description The software contains memory safety bugs that could potentially lead to arbitrary code execution. Some of these bugs demonstrate evidence of memory corruption...

9.8CVSS5.7AI score0.00404EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.2 views

PT-2026-2767

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...

8.6CVSS7.7AI score0.00716EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.3 views

Adobe Dreamweaver Desktop 操作系统命令注入漏洞

Adobe Dreamweaver Desktop is a web design and development software from Adobe. An operating system command injection vulnerability exists in Adobe Dreamweaver Desktop 21.6 and earlier versions, which stems from improper neutralization of specific elements in OS commands, and could lead to OS...

8.6CVSS6AI score0.00716EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 9 : freetype-2.10.4-9.el9.ML.2 (AXSA:2025-9776:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9776:01 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph...

8.1CVSS7.7AI score0.23357EPSS
Exploits1References2
Kaspersky
Kaspersky
added 2026/01/13 12:0 a.m.6 views

KLA90833 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

9.8CVSS6.2AI score0.0057EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2026/01/13 12:0 a.m.8 views

KLA90835 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of...

10CVSS6.2AI score0.0057EPSS
Exploits1References3
Mozilla
Mozilla
added 2026/01/13 12:0 a.m.11 views

Security Vulnerabilities fixed in Thunderbird 140.7 — Mozilla

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

9.8CVSS7.8AI score0.0057EPSS
Exploits0References13Affected Software1
Adobe
Adobe
added 2026/01/13 12:0 a.m.18 views

APSB26-01 : Security update available for Adobe DreamWeaver

Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and arbitrary file system write...

8AI score
Exploits0Affected Software1
Adobe
Adobe
added 2026/01/13 12:0 a.m.18 views

APSB26-04 : Security update available for Adobe InCopy

Adobe has released a security update for Adobe InCopy. This update addresses a critical vulnerability that could lead to arbitrary code execution...

7.8CVSS7.8AI score0.00186EPSS
Exploits0Affected Software1
Rows per page
Query Builder