1086798 matches found
Zoho ManageEngine - Remote Code Execution
Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthenticated remote code execution via XML-RPC. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary...
Apache ActiveMQ < 5.16.5/5.17.3 - Remote Code Execution
Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...
ZeroShell <= 1.0beta11 Remote Code Execution
ZeroShell 1.0beta11 and earlier via cgi-bin/kerbynet allows remote attackers to execute arbitrary commands through shell metacharacters in the type parameter in a NoAuthREQ x509List action. id: CVE-2009-0545 info: name: ZeroShell = 1.0beta11 Remote Code Execution author: geeknik severity: critica...
ECHO-321F-39D2-90A5
Bulletin has no description...
ECHO-E31B-3EF0-93B2
Bulletin has no description...
MINI-JJ9H-HXG7-7494
Bulletin has no description...
CGA-M4XP-J852-PMGC
Bulletin has no description...
CGA-F24Q-H7CX-C3FR
Bulletin has no description...
CGA-PJF7-Q3VG-8MFM
Bulletin has no description...
CGA-74WX-726R-C225
Bulletin has no description...
CGA-58HJ-56F7-4FFQ
Bulletin has no description...
CGA-CXWC-VVV2-GXJW
Bulletin has no description...
CVE-2026-49121
A flaw was found in AI Tensor Engine for ROCm AITER. This vulnerability allows unauthenticated remote attackers to execute arbitrary code by sending a specially crafted data package, known as a pickle payload, to a ZeroMQ ZMQ subscriber socket. This exploitation is possible due to a lack of...
[SECURITY] [DLA 4636-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4636-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 19, 2026 https://wiki.debian.org/LTS -...
GHSA-V2WW-5RH7-2H5V
creationtimestamp| type| source ---|---|--- 2026-06-19 08:11:42+00:00| seen| https://gist.github.com/alon710/4cbfed841590889a9a5bb73b59d8bf8b...
Malicious code in assert-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e21fa9c37e9944a00f7e85c7476f8fd4dc6bcd1f8fcd064a90488ef93d5bd12 [email protected] impersonates the chai assertion library bundles chai's source, contributors, and API surface under a different author and homepage...
MAL-2026-6200 Malicious code in assert-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e21fa9c37e9944a00f7e85c7476f8fd4dc6bcd1f8fcd064a90488ef93d5bd12 [email protected] impersonates the chai assertion library bundles chai's source, contributors, and API surface under a different author and homepage...
GHSA-24VR-RPRV-67RF
creationtimestamp| type| source ---|---|--- 2026-06-19 07:42:00+00:00| seen| https://gist.github.com/alon710/98155855dc1ad0c23a241957e18cbd67...
Malicious code in build-tracker-n5p1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e731775fde27ad6db493d20397b27eee9b4a6ea0bf515f9516cc974ea3e12619 Package name suggests build telemetry tooling, but the tarball ships beacon scripts beacon18.js, beaconlinux.js wired to a postinstall lifecycle hook...
SUSE-SU-2026:22171-1 Security update for ansible-core
This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...