588758 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-11674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...
FreeBSD : strongSwan -- Double-free when destroying certain cloned identities that can lead to remote code execution (a207a367-6359-11f1-8c57-000af7b98cf6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a207a367-6359-11f1-8c57-000af7b98cf6 advisory. R. Elliott Childre reports: The clone method of the identificationt class doesn't correctly handle...
Security Updates for Microsoft Office Products (June 2026)
The Microsoft Office Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824, CVE-2026-45461, CVE-2026-45463,...
Linux Distros Unpatched Vulnerability : CVE-2026-11670
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...
Linux Distros Unpatched Vulnerability : CVE-2026-11643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium...
Adobe Dreamweaver 21.0 < 21.8 Multiple Vulnerabilities (APSB26-62)
The version of Adobe Dreamweaver installed on the remote Windows host is prior to 21.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-62 advisory. - Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability...
ROS-20260609-73-0019
Vulnerability of the Graphics component: The text-based browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
APSB26-56 : Security update available for Adobe Experience Manager
Adobe has released updates for Adobe Experience Manager AEM. This update resolves vulnerabilities rated important and moderate. Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass...
APSB26-57 : Security update available for Adobe Experience Manager Forms
Adobe has released a security update for Adobe Experience Manager Forms on Java Enterprise Edition JEE. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution...
APSB26-65 : Security update available for Adobe Format Plugins
Adobe has released an update for Adobe Format Plugins. This update addresses critical vulnerabilities that could lead to arbitrary code execution...
APSB26-62 : Security update available for Adobe Dreamweaver
Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution, memory exposure, and arbitrary file system read...
APSB26-59 : Security update available for Adobe InCopy
Adobe has released a security update for Adobe InCopy. This update addresses critical vulnerabilities that could lead to arbitrary code execution...
APSB26-58 : Security update available for Adobe InDesign
Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution, application denial-of-service, and memory exposure...
APSB26-64 : Security update available for Adobe ColdFusion
Adobe has released security updates for ColdFusion versions 2025 and 2023. These updates resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass...
AMD Auto Updater Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-40677| The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to arbitrary code execution.| 7.7...
CVE-2026-36722
CVE-2026-36722 is an authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3. The issue allows an attacker with valid credentials to upload a crafted file and potentially execute arbitrary code. All documented sources describe the same vulnerabili...
Deserialization of Untrusted Data
Overview org.springframework.security:spring-security-saml2-service-provider is a security component for the Spring Framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via deserialization of credential data stored in JdbcAssertingPartyMetadataRepositor...
TYPO3 CMS 代码问题漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. Code vulnerabilities existed in versions prior to TYPO3 CMS 10.4.57, as well as in versions 11.0.0 to 11.5.51, 12.0.0 to 12.4.46, 13.0.0 to 13.4.31, and 14.0.0 to 14.3.3. These vulnerabilities stemmed from...
Microsoft Remote Desktop Client 安全漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Remote Desktop Client. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Windows...
PT-2026-47935
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...