Lucene search
K

1799 matches found

Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.12 views

PT-2026-7379

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7373

Name of the Vulnerable Software and Affected Versions After Effects versions 25.6 and earlier Description The software is susceptible to an Integer Overflow or Wraparound issue that may lead to arbitrary code execution with the privileges of the current user. Successful exploitation requires a us...

7.8CVSS6.2AI score0.00211EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.158 views

📄 Microsoft Windows 11 build 10.0.27898.1000 Local Privilege Escalation

Proof of concept exploit designed to test a potential local privilege escalation vulnerability in Windows, specifically targeting a feature called AiRegistrySync. It checks if modifications made by a standard user in their own Registry profile can be automatically synchronized propagated into the...

5.9AI score
Exploits0
CNVD
CNVD
added 2026/01/19 12:0 a.m.3 views

Adobe InDesign Buffer Overflow Vulnerability (CNVD-2026-11773)

Adobe InDesign is a professional desktop publishing software developed by Adobe for layout and page layout in print and digital media. Adobe InDesign suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS6.5AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/14 7:25 p.m.6 views

CVE-2026-21280

Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that...

8.6CVSS7.7AI score0.00221EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 7:16 p.m.4 views

CVE-2026-21274

Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code...

7.8CVSS6.3AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 7:16 p.m.10 views

CVE-2026-21268

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS0.00212EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 7:16 p.m.3 views

CVE-2026-21271

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS6.3AI score0.00212EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 6:25 p.m.14 views

CVE-2026-21271

Dreamweaver Desktop (Windows/macOS) versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user when a user opens a malicious file. The issue requires user interaction and has been fixed in newer...

8.6CVSS7.3AI score0.00212EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/13 6:25 p.m.23 views

CVE-2026-21271 Dreamweaver Desktop | Improper Input Validation (CWE-20)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 6:25 p.m.7 views

CVE-2026-21268 Dreamweaver Desktop | Improper Input Validation (CWE-20)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS7.3AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.9 views

PT-2026-2768

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS7.6AI score0.00212EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/24 12:30 a.m.6 views

EUVD-2025-204986

Soda PDF Desktop Launch Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Soda PDF Desktop. User interaction is required to exploit this vulnerability in that the target must visit a...

7CVSS7.1AI score0.00209EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/24 12:30 a.m.5 views

EUVD-2025-204966

MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors m...

7CVSS7.3AI score0.00414EPSS
Exploits0References3
OSV
OSV
added 2025/12/23 10:15 p.m.4 views

CVE-2025-14412

Soda PDF Desktop XLS File Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Soda PDF Desktop. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:21 p.m.17 views

CVE-2025-14404

CVE-2025-14404 affects PDFsam Enhanced, where the flaw lies in the processing of XLS files. The root cause is the execution of dangerous scripts without a user warning, allowing a remote attacker to run arbitrary code in the context of the current user. Exploitation requires user interaction (the...

7CVSS7.1AI score0.00215EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.5 views

CVE-2025-13320

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

6.8CVSS7.3AI score0.00687EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/12 7:43 a.m.7 views

WordPress WP User Manager plugin <= 2.9.12 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' Parameter vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via 'currentuseravatar' Parameter vulnerability discovered by YCInfosec in WordPress Plugin WP User Manager versions = 2.9.12...

6.8CVSS6.8AI score0.00687EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/12 4:15 a.m.5 views

CVE-2025-13320

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

6.8CVSS0.00687EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/12 3:20 a.m.5 views

EUVD-2025-202983

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

6.8CVSS6.8AI score0.00687EPSS
Exploits0References8
Rows per page
Query Builder