Adobe Framemaker 输入验证错误漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. An input validation error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause...

libsixel 资源管理错误漏洞

Libsixel is a software package developed by Hayaki Saito, which provides encoding/decoding implementations for DEC SIXEL graphics and other conversion programs. Versions of Libsixel 1.8.7 and earlier contained a resource management vulnerability. This vulnerability stemmed from a problem in the...

Microsoft Office Sharepoint Server 输入验证错误漏洞

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A spoofing...

Schneider Electric PowerChute Serial Shutdown 资源管理错误漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a Resource Management Error vulnerability that stems from uncontrolled resource consumption,...

Microsoft Desktop Windows Manager 资源管理错误漏洞

Microsoft Desktop Windows Manager is a desktop window manager from Microsoft USA. A security vulnerability exists in Microsoft Desktop Windows Manager. An attacker could exploit the vulnerability to elevate privileges...

Microsoft Brokering File System 资源管理错误漏洞

Microsoft Brokering File System is a file system from the American company Microsoft. A security vulnerability exists in Microsoft Brokering File System. An attacker could exploit the vulnerability to elevate privileges...

Microsoft Word 资源管理错误漏洞

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel 资源管理错误漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Office 资源管理错误漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

Microsoft Windows Shell 资源管理错误漏洞

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...

Microsoft Azure Monitor Agent 输入验证错误漏洞

Microsoft Azure Monitor Agent is a monitoring agent program from Microsoft USA. A security vulnerability exists in Microsoft Azure Monitor Agent. An attacker can exploit the vulnerability to elevate privileges...

Important: nghttp2

Issue Overview: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API nghttp2sessionterminatesession or nghttp2sessionterminatesession2 is called by the application...

SUSE SLES15 Security Update : kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:1281-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1281-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.170 fixes various security issues The following security issues were fixed: ...

Adobe Bridge 数字错误漏洞

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a numeric error vulnerability that can be exploited by an attacker to cause a denial of service in the application...

Fortinet FortiWeb 缓冲区错误漏洞

Fortinet FortiWeb is a Web application layer firewall developed by the American company Fortinet. It can block threats such as cross-site scripting, SQL injection, cookie poisoning, and schema poisoning, ensuring the security of web applications and protecting sensitive database content. Fortinet...

Amazon Linux 2 : nghttp2, --advisory ALAS2-2026-3232 (ALAS-2026-3232)

The version of nghttp2 installed on the remote host is prior to 1.41.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3232 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

Adobe Framemaker 数字错误漏洞

Adobe Framemaker is a professional desktop publishing software for creating and editing large technical documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

Microsoft Hyper-V 数字错误漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. Microsoft Hyper-V has a numerical error vulnerability. Attackers can exploit this vulnerability to execute code. The following produc...

SUSE CVE-2026-31425

In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rdsibgetmr extracts the rdsibconnection from conn-ctransportdata and passes it to rdsibregfrmr for FRWR memory registration. On a fresh outgoing connection, ic...

CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...