Microsoft Excel Code Execution Vulnerability (CNVD-2026-19430)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel Code Execution Vulnerability (CNVD-2026-19429)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Excel 资源管理错误漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

baserCMS 安全漏洞

BaserCMS is a corporate-level content management system CMS developed by the BaserCMS team. Versions of BaserCMS prior to 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from the application’s restoration function, which allowed users to upload zip files and have them...

RHEL 8 : freerdp (RHSA-2026:6005)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6005 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

CVE-2021-27102

Accellion FTA 912411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA912416 and later...

MCP Code Executor 命令注入漏洞

MCP Code Executor is a code execution server developed by bazinga012. Versions of MCP Code Executor prior to 0.3.0 have a command injection vulnerability, which stems from incorrect operations on the function installDependencies in the file src/index.ts, potentially leading to command injection...

RockyLinux 8 : vim (RLSA-2026:4442)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:4442 advisory. vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-25749 Tenable has extracted the preceding description block directly from the...

PT-2026-23654

Natro Macro is an open-source Bee Swarm Simulator macro written in AutoHotkey. Prior to version 1.1.0, any ahk code contained inside of a pattern or path file is executed by the macro. Since users commonly share path/pattern files, an attacker could share a file containing malicious code, which i...

CVE-2026-21421

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

Google Chrome Code Execution Vulnerability (CNVD-2026-18791)

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Hyper-V Code Execution Vulnerability (CNVD-2026-17151)

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

PT-2026-22221

Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description Kiteworks, a private data network, contains a flaw in its command execution functionality. Authenticated users can redirect command output to arbitrary file locations, potentially overwriting...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

CVE-2026-21352

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A code execution vulnerability exists in several Apple products, which can be exploited by an attacker to execute arbitrary code...

CVE-2026-21229

Power BI is affected by CVE-2026-21229 due to improper input validation, enabling an authorized attacker to execute code over a network. CVSS v3.1 base score 8.0 (High). Refer to Microsoft MSRC advisory for mitigations and updates.

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code on a system...

EUVD-2022-55951

Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploit input parameters to execute arbitrary scripts, potentially leading to session hijacking and...

Acer Global Registration Service Code Vulnerability

Acer Global Registration Service is an official registration and warranty activation software for products of Acer, a company based in Taiwan, China. Version 1.0.0.3 of Acer Global Registration Service contains a code vulnerability; this vulnerability stems from a service path that lacks quotes,...