Microsoft Excel 资源管理错误漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel 安全漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel 安全漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...

Microsoft Excel 安全漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which is caused due to a heap buffer overflow. An attacker can exploit this vulnerability to execute arbitrary code on the system...

Ivanti Endpoint Manager Mobile 代码注入漏洞

Ivanti Endpoint Manager Mobile EPMM is an enterprise-grade mobile device management solution for centralized management and protection of mobile devices in the enterprise, supporting device enrollment, application distribution, security policy enforcement, and more. A code execution vulnerability...

Siemens OZW Web Servers Code Execution and SQL Injection Vulnerability

The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...

Low: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: code execution via OSC 50 input sequences CVE-2022-45063 For more details about the securi...

OZI-publish 安全漏洞

OZI-publish is an OZI Project open source project. A security vulnerability exists in OZI-publish versions 1.13.2 through 1.13.5, which stems from untrusted data flowing into the PR creation logic and could lead to the execution of arbitrary code...

Google Web Designer 安全漏洞

Google Web Designer is a professional-grade HTML5 advertising and web content authoring tool from Google, supporting visual design and code editing. A code execution vulnerability exists in Google Web Designer, which stems from improperly resolved symbolic links in the Preview feature, and can be...

IBM CICS TX gets code execution vulnerability

IBM CICS TX Standard is a comprehensive single transaction runtime package from International Business Machines IBM. A security vulnerability exists in the IBM CICS TX gets function handling DNS return requests, which can be exploited by a local attacker to submit a special request that can be us...

CVE-2025-47732 Microsoft Dataverse Remote Code Execution Vulnerability

...

CVE-2025-1331 IBM CICS TX code execution

IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function...

CVE-2025-1331

IBM CICS TX code execution (CVE-2025-1331) affects IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1/11.1. Root cause: unsafe use of the gets function, enabling a local user to execute arbitrary code. CVSS v3.1 base score 7.8 (LOCAL, HIGH impacts; privileges/impact). Remediation: apply fixe...

CVE-2025-1329 IBM CICS TX code execution

IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function...

CVE-2025-1329 IBM CICS TX code execution

IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function...

PT-2025-23779 · Delta Electronics · Cncsoft

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft affected versions not specified Description: The issue is related to the lack of proper validation of user-supplied files in Delta Electronics CNCSoft. If a user opens a malicious file, an attacker can execute code i...

PT-2025-20426 · Ibm · Ibm Cics Tx Standard +1

Name of the Vulnerable Software and Affected Versions: IBM CICS TX Standard versions 11.1 IBM CICS TX Advanced versions 10.1 through 11.1 Description: The issue is due to the failure to handle DNS return requests by the gethostbyname function, which could allow a local user to execute arbitrary...

CVE-2025-44023

An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the accountmgr.cgi-cgichgadminpw components...

CVE-2025-35939

Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at...

RLSA-2024:5298 Moderate: gnome-shell security update

GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and...