Langflow 1.2.x - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Langflow 1.2.x - Remote Code Execution RCE Date: 2025-07-11 Exploit Author: Raghad Abdallah Al-syouf Vendor Homepage: https://github.com/logspace-ai/langflow Software Link: https://github.com/logspace-ai/langflow/releases Version: = 1.2.x Tested on: Ubuntu /...

Luxion KeyShot 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DM...

CVE-2025-47122

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-3946

The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in incorrect handling of packets leading t...

WordPress GB Forms DB plugin <= 1.0.2 - Unauthenticated Remote Code Execution vulnerability

Unauthenticated Remote Code Execution vulnerability discovered by CVEhunter in WordPress Plugin GB Forms DB versions = 1.0.2...

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2025-53546

Folo organizes feeds content into one timeline. Using pullrequesttarget on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, since untrusted code can be executed having full access to secrets from the base repo. By exploiting the vulnerability is possible to...

CVE-2025-47128 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution Vulnerability

...

CVE-2025-49704 Microsoft SharePoint Remote Code Execution Vulnerability

...

CVE-2025-49669 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2025-48822

CVE-2025-48822 is an out-of-bounds read vulnerability in Windows Hyper-V that could enable local code execution. The connected NCSC entry explicitly lists the impact as Execution of arbitrary code on Windows Hyper‑V, with CVSS base score 8.6 (LOCAL, HIGH). The documents do not provide additional ...

CVE-2025-49672 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

Microsoft SharePoint Remote Code Execution Vulnerability

Improper control of generation of code 'code injection' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PT-2025-28572 · Microsoft · Windows Nt Rras +1

Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service RRAS affected versions not specified Description: The issue is related to a heap-based buffer overflow in the Windows Routing and Remote Access Service RRAS, which allows an unauthorized attacker to...

Microsoft Office 安全漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

Siemens SINEC NMS unZipJarFilestoLocation Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementation of the...

Adobe Experience Manager 6.0.0.0.0.0 < 6.5.0.0.20250527.0 Arbitrary code execution (APSB25-67)

The version of Adobe Experience Manager installed on the remote host is prior to 6.5.0.0.20250527.0. It is, therefore, affected by a vulnerability as referenced in the APSB25-67 advisory. - Adobe Experience Manager MS versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Da...

CVE-2025-6794 Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw...