Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A type confusion vulnerability exists in Google Chrome's Turbofan compiler. The vulnerability stems from Turbofan's failure to properly handle types in certain JavaScript code, which can be exploited by an attacker to execute arbitrary code in t...

PT-2026-33061

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges...

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17718)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Framemaker Numeric Error Vulnerability (CNVD-2026-19994)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrary...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17735)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system or cause an application to crash...

PT-2026-33167

Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A signed integer overflow exists in the DVD subtitle parser's fragment reassembly bounds checks. A remote attacker can exploit this by providing a specially crafted MPEG-PS/VOB media file...

Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on applications built using the Microsoft vcpkg port of OpenSSL. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

Linux Distros Unpatched Vulnerability : CVE-2026-6384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's ReadJeffsImage function allows an attacker to write beyond an...

AlmaLinux 10 : vim (ALSA-2026:7711)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. An out-of-bounds read vulnerability exists in the Media component of Google Chrome. The vulnerability stems from a failure of the Media component to properly handle certain UI gestures and can be exploited by an attacker to execute arbitrary cod...

Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Samsung MagicINFO 9 Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produ...

Adobe Photoshop Installer 安全漏洞

Adobe Photoshop Installer is a installation program for the image editing software Adobe Photoshop. The Adobe Photoshop Installer has a security vulnerability, which stems from uncontrolled search path elements, potentially allowing arbitrary code to be executed in the current user environment...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. Google Chrome suffers from a memory misreference vulnerability. The vulnerability stems from a failure of the Cast component to properly handle memory objects and can be exploited by an attacker to execute arbitrary code via a specially crafted...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in the Google Chrome Forms component, which can be exploited by an attacker to execute arbitrary code from a specially crafted HTML page in a sandbox...

(0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to escape the container and execute high-privileged code within the Docker Hyper-V VM in order to exploit this vulnerability. The specific flaw...

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-19446)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

RockyLinux 10 : firefox (RLSA-2026:7672)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7672 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service...

AlmaLinux 10 : openexr (ALSA-2026:7682)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:7682 advisory. openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-27622 Tenable has extracted the preceding description block direct...

RockyLinux 10 : vim (RLSA-2026:7711)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure vi...