Google Chrome memory misreference vulnerability (CNVD-2026-15404)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a memory misreference vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

CVE-2026-30457

CVE-2026-30457 affects Daylight Studio FuelCMS v1.5.2 in the internal /parser/dwoo component. The issue allows attackers to execute arbitrary PHP code through crafted PHP input, indicating a code-execution vulnerability with a high impact. The available sources identify the affected software/vers...

PT-2026-28222

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a...

OpenClaw has an unspecified vulnerability (CNVD-2026-16049)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute arbitrary code without sandbox escape...

River Past CamDo 缓冲区错误漏洞

River Past CamDo is a screen recording and camera capture tool developed by River Past Corporation. Version 3.7.6 of River Past CamDo contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which may allow local attackers to...

AlmaLinux 9 : vim (ALSA-2026:5602)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5602 advisory. vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-25749 Tenable has extracted the preceding description block directly from the AlmaLinu...

Nsasoft Nsauditor 缓冲区错误漏洞

Nsasoft Nsauditor is a network security software developed by the American company Nsasoft. Version Nsasoft Nsauditor 3.0.28.0 contains a buffer error vulnerability, which stems from buffer overflows during structured exception handling. This vulnerability could allow for the execution of arbitra...

PT-2026-28221

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

OpenClaw Arbitrary Code Execution Vulnerability (CNVD-2026-16394)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an arbitrary code execution vulnerability that can be exploited by an attacker to execute an attacker-controlled binary...

FUEL CMS 安全漏洞

FUEL CMS is a content management system CMS developed by David McReynolds using the Codelgniter framework. Version 1.5.2 of FUEL CMS contains a security vulnerability, which stems from issues with the /parser/dwoo component. Attackers can execute arbitrary code through specially crafted PHP code...

PT-2026-31961

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.22 Description OpenClaw contains a flaw in its handling of environment variable overrides. Inconsistent sanitization paths allow attackers to bypass shared host environment policies by supplying blocked or...

Google Chrome heap buffer overflow vulnerability (CNVD-2026-15403)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability that is caused by incorrect boundary checking in WebGL. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause an application to...

RHEL 10 : freerdp (RHSA-2026:5939)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5939 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

ALSA-2026:5939 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write ...

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

PT-2026-28398

Name of the Vulnerable Software and Affected Versions FuelCMS version 1.5.2 Description An issue exists in the /parser/dwoo component that allows attackers to execute arbitrary code through crafted PHP code. The affected component is susceptible to code execution when processing specially designe...

Google Chrome integer overflow vulnerability (CNVD-2026-15405)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an integer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

RHEL 10 : freerdp (RHSA-2026:5936)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5936 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

Google Chrome Resource Management Error Vulnerability (CNVD-2026-15395)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the sandbox via specially crafted HTML pages...