CVE-2025-67041

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...

AlmaLinux 8 : postgresql:15 (ALSA-2026:4059)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4059 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

CVE-2025-70082

An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrxevo component...

Jellyfin 安全漏洞

Jellyfin is an open-source free software media system developed by Jellyfin. It allows you to control the management and streaming of media. It serves as a replacement for proprietary products like Emby and Plex, enabling the delivery of media from proprietary servers to end-user devices through...

Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-15384)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

OpenClaw 安全漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code...

Lenovo ThinkPad 安全漏洞

Lenovo ThinkPad is a portable computer by Lenovo Corporation. The Lenovo ThinkPad has a security vulnerability, which stems from improper initialization issues in the BIOS of certain ThinkPads. This vulnerability may allow local privileged users to modify data and execute arbitrary code...

KLA90933 ACE vulnerability in Microsoft Browser

Memory safety vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories CVE-2026-3537 Exploitation Related products Microsoft-Edge CVE list CVE-2026-3537 critical Solution Install necessary...

spin.js 安全漏洞

spin.js is a JavaScript library developed by Felix Gnass. Versions of spin.js prior to 3.0.0 contained security vulnerabilities. These vulnerabilities stemmed from prototype pollution and cross-site scripting vulnerabilities in the spin function, which could allow attackers to execute arbitrary...

AlmaLinux 9 : postgresql (ALSA-2026:3730)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3730 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

PT-2026-24746

Name of the Vulnerable Software and Affected Versions Jellyfin versions affected versions not specified Description Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in the jellyfin/jellyfin-ios repository is susceptible to arbitrary code execution through pull...

CVE-2026-27271

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27271

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21362

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21362

CVE-2026-21362 affects Adobe Illustrator versions 29.8.4, 30.1 and earlier. The issue is an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user, requiring the user to open a malicious file. Multiple connected sources corroborate the same vuln...

CVE-2026-21362 Illustrator | Out-of-bounds Write (CWE-787)

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27272 Illustrator | Out-of-bounds Write (CWE-787)

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27272

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27272

CVE-2026-27272 affects Adobe Illustrator versions 29.8.4, 30.1 and earlier with an out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Multiple connected advisories (Red Hat, NCSC...

CVE-2026-27272 Illustrator | Out-of-bounds Write (CWE-787)

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...