4202 matches found
CVE-2025-22700 WordPress Traveler Code plugin < 3.1.3 - Subscriber+ Arbitrary SQL Execution vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler Code traveler-code. This issue affects Traveler Code: from n/a through 3.1.3...
CVE-2025-1011
A bug in WebAssembly code generation could have led to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...
CVE-2024-57099
ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, allowing them to execute arbitrary code and potentially take control of the server...
CVE-2024-57099
ClassCMS v4.8 is exposed to a code execution vulnerability exploitable through the classview parameter in the model management feature. An attacker can supply a crafted payload to achieve arbitrary code execution and potentially take full control of the server. The issue is documented across mult...
CVE-2024-24731
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the httpdownload command. The issue results from t...
CVE-2024-11611
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that th...
CVE-2024-11600
CVE-2024-11600 affects the WordPress plugin Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg (versions up to 1.5.9). The issue is authenticated Remote Code Execution via the write_config function, caused by insufficient sanitization of an imported JSON file, allowin...
CVE-2025-20014
CVE-2025-20014 affects mySCADA myPRO. A web service vulnerability allows unauthenticated POST requests (default port 34022) to inject commands due to improper input validation, enabling arbitrary code execution with root context. Affected by OS command injection via version information parameter;...
CVE-2024-31903
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data...
[SECURITY] [DSA 5847-1] snapcast security update
Debian Security Advisory DSA-5847-1, https://www.debian.org/security/, Moritz Muehlenhoff, January 21, 2025, https://www.debian.org/security/faq ...
Microsoft Internet Explorer Code Execution Vulnerability
Microsoft Internet Explorer (IE) is a Web browser that comes with the Windows operating system from the American company Microsoft. A code execution vulnerability exists in Microsoft Internet Explorer due to a flaw in the Internet Explorer component. An attacker could exploit the vulnerability to...
Adobe Substance 3D Stager Stack Buffer Overflow Vulnerability
Adobe Substance 3D Stager is a virtual 3D studio from the American company Adobe. Adobe Substance 3D Stager suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Important: Red Hat Security Advisory: .NET 8.0 security update
An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2024-50563
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker ...
CVE-2020-8094 Untrusted Search Path Vulnerability in Bitdefender Antivirus Free 2020 (VA-8422)
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file...
CVE-2024-41454
An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file...
CVE-2025-21133 Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-21244
Windows Telephony Service Remote Code Execution Vulnerability...
CVE-2025-21236
Windows Telephony Service Remote Code Execution Vulnerability...
CVE-2025-21178
Visual Studio Remote Code Execution Vulnerability...