ECHO-C0FA-321C-6E4C
Bulletin has no description...
ECHO-C139-E33A-BAB6
Bulletin has no description...
ECHO-F711-BD38-EB32
Bulletin has no description...
ECHO-5B4F-C36E-7F44
Bulletin has no description...
EUVD-2026-37831
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions. The identified vulnerability also impacts Windchill and...
CVE-2026-12569
This CVE affects PTC Windchill PDMlink and PTC FlexPLM (and CPS) with a critical remote code execution via deserialization of untrusted data. Affected versions are Windchill PDMlink and FlexPLM prior to 11.0 M030 (per multiple sources), with remediation to 11.0 M030 or later. The issue is exploit...
CVE-2026-12569 Remote Code Execution (RCE) vulnerability in Windchill PDMlink
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions. The identified vulnerability also impacts Windchill and...
PT-2026-50741
Name of the Vulnerable Software and Affected Versions: Zitadel versions 4.0.0 through 4.15.1; Zitadel versions 3.0.0 through 3.4.11. Description: The OAuth2 / OIDC CodeExchange and RefreshToken implementations fail to validate that the requesting client matches the client that originally initiated th...
PT-2026-50774
Name of the Vulnerable Software and Affected Versions: AzeoTech DAQFactory versions prior to 21.2. Description: A Type Confusion issue exists where an attacker can use specially crafted .ctl files to achieve arbitrary code execution. Type Confusion occurs when a program accesses a resource using a...
PT-2026-50811
Name of the Vulnerable Software and Affected Versions: pgAdmin 4 versions 9.13 through 9.15. Description: A read-only transaction bypass exists in the pgAdmin 4 AI Assistant, allowing an attacker who can influence database content read by the assistant to execute arbitrary SQL with the privileges of...
PT-2026-50746
Name of the Vulnerable Software and Affected Versions: Docker MCP Plugin (affected versions not specified). Description: A flaw in the OCI image label parsing allows an attacker to inject arbitrary arguments into the docker run command line. This occurs because the io.docker.server.metadata label is...
Siemens RUGGEDCOM RST2428P External Control of File Name or Path (CVE-2026-26157)
A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that, when extracted under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentiall...
ROS-20260618-73-0023
The vulnerability in ImageMagick 7 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260618-73-0024
The vulnerability in ImageMagick is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2026-50820
Name of the Vulnerable Software and Affected Versions: AVer PTC500S (affected versions not specified); AVer PTC115 (affected versions not specified); AVer PTC500+ (affected versions not specified); AVer PTC115+ (affected versions not specified). Description: Improper input validation in these networked...
Vim < 9.2.0496 Code Injection (GHSA-4473-94jm-w5x9)
The version of Vim installed on the remote host is prior to 9.2.0496. It is, therefore, affected by a vulnerability as referenced in the GHSA-4473-94jm-w5x9 advisory. - A code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds...
Vim < 9.2.0561 Code Injection (GHSA-52mc-rq6p-rc7c)
The version of Vim installed on the remote host is prior to 9.2.0561. It is, therefore, affected by a vulnerability as referenced in the GHSA-52mc-rq6p-rc7c advisory. - The Python omni-completion script python3complete.vim for Vim with the +python3 interpreter enabled executes import and from...
Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution
The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...
Siemens SIMATIC S7-1500 TM MFP Use After Free (CVE-2026-28387)
Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...
AlmaLinux 10 : dracut (ALSA-2026:26532)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:26532 advisory. dracut: dracut: Root code execution via DHCP options command injection (CVE-2026-6893). Tenable has extracted the preceding description block directly from the...