CVE-2018-25427

CVE-2018-25427 pertains to Arm Whois 3.11, where a stack-based buffer overflow allows remote code execution by sending oversized input to the IP address or domain field. Input longer than 658 bytes with shellcode can overwrite the Structured Exception Handler, enabling command execution during pr...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the rawtoheader function. An attacker can corrupt adjacent stack memory and potentially execute arbitrary code or cause a crash by supplying a crafted TAR archive with non-null-terminated name or linkname...

CVE-2026-9311

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

CVE-2026-9319

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security...

CVE-2026-9330

IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain...

CVE-2026-7770

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

CVE-2026-49121

AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...

CVE-2026-47294

Improper neutralization of special elements used in an os command 'os command injection' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

CVE-2024-52011

launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the insufficient sanitization of the file argument in the launchEditor, an attacker can execute arbitrary commands on Windows by supplying a filename that contains special characters...

UBUNTU-CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

EUVD-2026-33701

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

CVE-2026-47294

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

CVE-2026-47294 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

CVE-2026-47294

CVE-2026-47294 describes a SharePoint Server remote code execution via deserialization of untrusted data in Microsoft Office SharePoint. The vulnerability allows an authenticated, network-connected attacker to potentially run code on the affected server. The linked Microsoft advisories indicate t...

CVE-2026-47294 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

EUVD-2026-33745

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

[SECURITY] [DSA 6318-1] gst-plugins-good1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6318-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2026 https://www.debian.org/security/faq -...

[SECURITY] [DSA 6317-1] symfony security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6317-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2026 https://www.debian.org/security/faq -...