Microsoft Office 安全漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2026:0219-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0219-1 advisory. Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls:...

CVE-2026-0787

ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific fl...

CVE-2025-15349 Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CVE-2021-47864

OSAS Traverse Extension 11 contains an unquoted service path vulnerability in the TravExtensionHostSvc service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject and execute malicious code by placing executable files in the service's path, potentially gaining...

HID Global ActivIdentity code-related vulnerabilities

HID Global ActivIdentity is a digital identity authentication and security credential management system developed by HID Global in the United States. Version 8.2 of HID Global ActivIdentity contains a code vulnerability; this vulnerability stems from an unquoted service path in the ac.sharedstore...

MiracleLinux 8 : perl-App-cpanminus:1.7044 (5.24) (AXSA:2024-9045:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9045:04 advisory. perl-App-cpanminus: Insecure HTTP in App::cpanminus Allows Code Execution Vulnerability CVE-2024-45321 Tenable has extracted the preceding description block...

MiracleLinux 8 : perl-App-cpanminus:1.7044 (5.30) (AXSA:2024-9043:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9043:02 advisory. perl-App-cpanminus: Insecure HTTP in App::cpanminus Allows Code Execution Vulnerability CVE-2024-45321 Tenable has extracted the preceding description block...

RockyLinux 9 : gpsd-minimal (RLSA-2026:0771)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0771 advisory. gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing CVE-2025-67269 gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds wri...

MiracleLinux 7 : gcc-4.8.5-16.el7.2 (AXBA:2018-2593:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXBA:2018-2593:01 advisory. - Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker...

Macro Expert code issue vulnerabilities

Macro Expert is a robotics process automation software developed by Macro Expert Corporation. Version 4.7 of Macro Expert contains a code vulnerability; this vulnerability stems from service paths that are not enclosed in quotes, which may allow for the execution of arbitrary code...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by free usage in ANGLE. An attacker can exploit the vulnerability to execute arbitrary code on a system...

MiracleLinux 7 : qemu-kvm-1.5.3-156.el7.3 (AXSA:2018-3206:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3206:05 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Tenable has extracted the...

CVE-2023-54329

Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload t...

CVE-2025-68271

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API. When a JSON-RPC request uses the string form of...

CVE-2023-25439

Stored Cross Site Scripting XSS vulnerability in Square Pig FusionInvoice 2023-1.0, allows attackers to execute arbitrary code via the description or content fields to the expenses, tasks, and customer details...

CVE-2023-31465

An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...

CVE-2023-40825

An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list...

CVE-2021-27112

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images...

CVE-2022-33889

A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution...