CVE-2026-6196
A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Manipulating the argument cmdinput results in a stack-based buffer overflow. The attack can be carried out remotely. The exploit is now public and...
Amazon Linux 2 : NetworkManager-libreswan (ALAS-2024-2703)
The version of NetworkManager-libreswan installed on the remote host is prior to 1.2.4-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2703 advisory. A flaw was found in the libreswan client plugin for NetworkManager, NetworkManager-libreswan, where it fails to...
CVE-2024-9050 Networkmanager-libreswan: local privilege escalation via leftupdown
A flaw was found in the libreswan client plugin for NetworkManager, NetworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading t...
Vembu BDR Suite Command Injection Vulnerability
Vembu BDR Suite is a virtual machine management system. A command injection vulnerability exists in Vembu BDR Suite that arises from a network system or product that does not properly filter specific elements of externally entered data during the construction of an executable command. An attacker...
Foxit Launches 'Safe Mode' to Counter PDF Attacks
Foxit Corp has added new security features to its alternative PDF reader software to help thwart recent malware attacks that exploit the “/launch” feature. With Foxit PDF Reader Version 3.3, the company has added a Safe Mode that blocks external commands from being executed by the software. The...