206166 matches found
Fortinet Fortigate Heap-based buffer overflow in cw_acd daemon (FG-IR-25-084)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-084 advisory. - A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS...
MiracleLinux 9 : freetype-2.10.4-9.el9.ML.2 (AXSA:2025-9776:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9776:01 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph...
MiracleLinux 7 : gstreamer1-1.10.4-2.0.1.el7.AXS7 (AXSA:2025-11534:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11534:07 advisory. CVE-2024-47606: allocator: avoid integer overflow when allocating sysmem Fix documentation build with the newer gtk-doc CVEs: CVE-2024-47606 GStreamer is a...
Hewlett Packard Enterprise ArubaOS 安全漏洞
Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from the presence of a stack overflow that could lead to the execution of arbitrary code...
PT-2026-2393
Name of the Vulnerable Software and Affected Versions ProtonVPN version 1.26.0 Description ProtonVPN version 1.26.0 has an issue with an unquoted service path in its WireGuard service configuration. This could allow local attackers to potentially run arbitrary code. The issue arises because of th...
PT-2026-2399
Name of the Vulnerable Software and Affected Versions Cobian Backup version 0.9 Description A local user can execute arbitrary code with elevated system privileges. This is due to an unquoted service path in the CobianReflectorService, allowing attackers to inject malicious code that executes wit...
APSB26-01 : Security update available for Adobe DreamWeaver
Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and arbitrary file system write...
APSB26-02 : Security update available for Adobe InDesign
Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution and memory exposure...
APSB26-07 : Security update available for Adobe Bridge
Adobe has released a security update for Adobe Bridge. This update addresses a critical vulnerability that could lead to arbitrary code execution...
APSB26-04 : Security update available for Adobe InCopy
Adobe has released a security update for Adobe InCopy. This update addresses a critical vulnerability that could lead to arbitrary code execution...
APSB26-09 : Security update available for Adobe Substance 3D Stager
Adobe has released an update for Adobe Substance 3D Stager. This update addresses a critical vulnerability in Adobe Substance 3D Stager that could lead to arbitrary code execution...
KLA90833 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...
KLA90835 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of...
Adobe Dreamweaver Desktop 操作系统命令注入漏洞
Adobe Dreamweaver Desktop is a web design and development software from Adobe. An operating system command injection vulnerability exists in Adobe Dreamweaver Desktop 21.6 and earlier versions, which stems from improper neutralization of specific elements in OS commands, and could lead to OS...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is a suite of standalone Mozilla Application Suite Mozilla Thunderbird is a stand-alone e-mail client software from the Mozilla...
PT-2026-2654
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Thunderbird versions prior to 147 Description The software contains memory safety bugs that could potentially lead to arbitrary code execution. Some of these bugs demonstrate evidence of memory corruption...
PT-2026-2767
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...
Security Vulnerabilities fixed in Thunderbird 140.7 — Mozilla
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
PT-2026-2391
Name of the Vulnerable Software and Affected Versions PTPublisher version 2.3.4 Description The software contains an unquoted service path vulnerability in the PTProtect service. This allows local attackers to potentially execute arbitrary code with elevated privileges. The vulnerable path is...
Cobian Backup 代码问题漏洞
Cobian Backup is a file backup software by Luis Cobian Personal Developer. A code issue vulnerability exists in Cobian Backup version 0.9, which stems from the presence of an unquoted service path to the CobianReflectorService, which could lead to the execution of arbitrary code by a local user...