113952 matches found
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Samsung MagicINFO 9 Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produ...
RockyLinux 10 : vim (RLSA-2026:7711)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure vi...
Adobe Framemaker Untrusted Search Path Vulnerability
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An untrusted search path vulnerability exists in Adobe Framemaker, which could be exploited by an attacker to caus...
Adobe InDesign Desktop Out-of-Bounds Read Vulnerability (CNVD-2026-19442)
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
Adobe InDesign Desktop Memory Misreference Vulnerability
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InDesign Desktop, which can be exploited by an attacker to execute arbitrary code on the system...
Adobe InCopy Out-of-Bounds Write Vulnerability (CNVD-2026-19437)
Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
GIMP 安全漏洞
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability, which stems from a buffer overflow in the GIF image loading component called the ReadJeffsImage function. This vulnerability could lead to denial of service or the execution of arbitrary code...
RockyLinux 9 : firefox (RLSA-2026:7671)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7671 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service...
Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17717)
Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17742)
Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system or cause an application to crash...
Adobe Framemaker Numeric Error Vulnerability (CNVD-2026-19995)
Adobe Framemaker is a professional desktop publishing software for creating and editing large technical documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Adobe Framemaker Memory Misreference Vulnerability (CNVD-2026-19999)
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A memory misreference vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause...
Adobe Framemaker Out-of-Bounds Write Vulnerability (CNVD-2026-19996)
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An out-of-bounds write vulnerability exists in Adobe Framemaker, which could be exploited by an attacker to cause...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the multiple writer sinks such as serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission. An attacker can execute arbitra...
CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection
OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server. The JavaScript rules engine executes user-supplied scripts via Nashorn's ScriptEngine.eval...
CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection
OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server. The JavaScript rules engine executes user-supplied scripts via Nashorn's ScriptEngine.eval...
CVE-2026-27298
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2026-27290
Adobe Framemaker versions 2022.8 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could...
CVE-2026-27297
CVE-2026-27297 affects Adobe FrameMaker 2022.8 and earlier. The vulnerability is an Integer Underflow/Wrap or Wraparound in FrameMaker, potentially allowing arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. Affected ...
CVE-2026-27297 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...