15091 matches found
EUVD-2025-179026
Malicious code in eta-refactor-execute-float-load npm...
EUVD-2025-175815
Malicious code in unix-zeta-star-execute-uglify npm...
EUVD-2025-178986
Malicious code in execute-java-short-cluster-bundle npm...
EUVD-2025-179742
Malicious code in chi-short-export-assert-execute npm...
MAL-2025-190242 Malicious code in water-execute-rain-root-cloud (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6de575c2b404267b02a2a3ca2c624486aef9c70fac497b83043375c8c4080eac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-9223
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...
CVE-2025-42894
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...
Security Updates for Microsoft Office Products (November 2025) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the november-11-2025 advisory. - Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. CVE-2025-60724 ...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in several Office products. A malicious party can exploit the vulnerabilities to grant themselves elevated privileges, execute arbitrary code in the victim's context and gain access to sensitive data. Successful exploitation requires the malicious party to tric...
EUVD-2025-93429
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2025-93432
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2025-93434
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2025-84349
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...
Redis: Redis: Authenticated users can execute LUA scripts as a different user
A code injection vulnerability in Redis Lua scripting where an authenticated user can craft a Lua script to manipulate objects and potentially execute code in another user’s context...
CVE-2025-9223
ZOHO ManageEngine Applications Manager, affected through CVE-2025-9223, versions 178100 and below, is vulnerable to an authenticated command injection due to misconfiguration in the Execute Program/execute program action feature. The vulnerability allows total command execution with HIGH impact (...
CVE-2025-9223 Command Injection
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...
EUVD-2025-60985
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...
CVE-2025-42894
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...
CVE-2025-42894 Path Traversal vulnerability in SAP Business Connector
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...
PT-2025-46234
Name of the Vulnerable Software and Affected Versions SAP Business Connector affected versions not specified Description A Path Traversal issue exists in SAP Business Connector. An attacker with administrator privileges and adjacent access can read, write, overwrite, and delete arbitrary files on...