CVE-2025-27398

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of...

CVE-2025-27393

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device...

CVE-2025-23401

A vulnerability has been identified in Teamcenter Visualization V14.3 All versions V14.3.0.13, Teamcenter Visualization V2312 All versions V2312.0009, Teamcenter Visualization V2406 All versions V2406.0007, Teamcenter Visualization V2412 All versions V2412.0002, Tecnomatix Plant Simulation V2302...

CVE-2025-27438

A vulnerability has been identified in Teamcenter Visualization V14.3 All versions V14.3.0.13, Teamcenter Visualization V2312 All versions V2312.0009, Teamcenter Visualization V2406 All versions V2406.0007, Teamcenter Visualization V2412 All versions V2412.0002, Tecnomatix Plant Simulation V2302...

CVE-2025-27438

CVE-2025-27438 affects Siemens Teamcenter Visualization and Tecnomatix Plant Simulation products. The issue is an out-of-bounds/read past end of an allocated structure while parsing specially crafted WRL files, leading to potential code execution in the current process. Affected versions include ...

CVE-2025-23401

A vulnerability has been identified in Teamcenter Visualization V14.3 All versions V14.3.0.13, Teamcenter Visualization V2312 All versions V2312.0009, Teamcenter Visualization V2406 All versions V2406.0007, Teamcenter Visualization V2412 All versions V2412.0002, Tecnomatix Plant Simulation V2302...

CVE-2025-23399

The CVE-2025-23399 entry covers multiple Siemens Teamcenter Visualization and Tecnomatix Plant Simulation products vulnerable to an out-of-bounds read past the end of an allocated structure while parsing specially crafted WRL files. Affected versions include Teamcenter Visualization V14.3 (<0....

End of support for Office 2016 and Office 2019

None None...

CVE-2025-25977

An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement...

Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome prior to version 134.0.6998.88, which stems from type obfuscation in V8 and can be exploited by an attacker to execute arbitrary code on a system...

Exploit for Code Injection in Rejetto Http_File_Server

This is a PoC exploit for CVE-2024-23692, a remote code executio...

CVE-2025-22835

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

CVE-2024-13232

The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for WordPress is vulnerable arbitrary SQL Execution and privilege escalation due to a missing capability check on the renderImport function in all versions up to, and including, 4.1.1. This makes it possible for...

CVE-2025-1316 Edimax IC-7100 IP Camera OS Command Injection

Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device...

CVE-2025-1080

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with...

PT-2025-9719

Name of the Vulnerable Software and Affected Versions: Edimax IC-7100 Description: The Edimax IC-7100 IP camera is vulnerable to a command injection flaw that allows for remote code execution. This vulnerability is actively exploited by Mirai-based botnets, beginning in May 2024, leveraging defau...

CVE-2025-0286 CVE-2025-0286

Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine...

Linux Distros Unpatched Vulnerability : CVE-2009-0316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in src/ifpython.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan...

CVE-2025-27400

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Versions prior to 20.12.3 and 20.13.0 contain a vulnerability that allows script execution in the admi...