2840 matches found
WordPress ImageMagick Engine plugin < 1.7.11 - Administrator+ OS Command Injection vulnerability
Administrator+ OS Command Injection vulnerability discovered by Chaiwat Thongyaem in WordPress Plugin ImageMagick Engine versions 1.7.11...
CVE-2025-23123
A malicious actor with access to the management network could achieve remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras Version 4.75.43 and earlier firmware...
PT-2025-21990 · Unknown · Easyvirt Dc Netscope
Name of the Vulnerable Software and Affected Versions: EasyVirt DC NetScope versions 8.7.0 and earlier Description: The issue allows remote authenticated attackers to execute arbitrary code. This can be achieved via several parameters, including the lang parameter to...
Adobe Substance3D-Stager Resource Management Error Vulnerability (CNVD-2025-10387)
Adobe Substance3D-Stager is a 3D design and rendering software developed by Adobe for creating and presenting 3D scenes. Adobe Substance3D-Stager suffers from a resource management error vulnerability that can be exploited by attackers to execute arbitrary code...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-10510)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...
Ivanti Endpoint Manager Mobile Code Execution Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) is an enterprise-grade mobile device management solution for centralized management and protection of mobile devices in the enterprise, supporting device enrollment, application distribution, security policy enforcement, and more. A code execution vulnerability...
ruby:2.5 security update
ruby 2.5.9-114 - Fix integer overflow in search_in_range function in regexec.c (CVE-2019-19012). Resolves: RHEL-87505 rubygem-abrt rubygem-bson rubygem-bundler 1.16.1-5 - Fix unexpected code execution in Gemfiles (CVE-2021-43809). Resolves: RHEL-87017 rubygem-mongo rubygem-mysql2 rubygem-pg...
Security Updates for Outlook C2R (May 2025)
The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
CVE-2025-32704
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-4561
The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
ALSA-2025:7539 Moderate: ruby:2.5 security update
Ruby is an extensible, interpreted, object-oriented scripting language. It has features to process text files and to perform system management tasks. Security Fixes: oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read (CVE-2019-19012) rubygem-bundler:...
Alibaba Cloud Linux 3 : 0147: php:7.4 (ALINUX3-SA-2022:0147)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0147 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-21703: In PHP versions 7.3.x up t...
Google Chrome Code Execution Vulnerability (CNVD-2025-10928)
Google Chrome is a web browser from Google, an American company. Google Chrome has a code execution vulnerability that can be exploited by attackers to cause heap corruption...
CVE-2025-30397
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network...
CVE-2025-30382 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2025-30376 Microsoft Excel Remote Code Execution Vulnerability
...
CVE-2025-29977
CVE-2025-29977 is a Microsoft Excel remote code execution vulnerability caused by a use-after-free in Excel. Exploitation can allow an attacker with local access to execute arbitrary code; user interaction is required per the CVSS, with high impact on confidentiality, integrity and availability. ...
CVE-2025-29967 Remote Desktop Client Remote Code Execution Vulnerability
...
Low: Red Hat Security Advisory: xterm security update
An update for xterm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...