5568 matches found
PT-2026-48276
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-36515
Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...
CVE-2026-34274
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successf...
CVE-2026-34659
Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to execute arbitrary code. Exploitation of this...
CVE-2026-34637
Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
(Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability
This vulnerability allows remote attackers to execute arbitrary cross-origin script on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
OAuth interaction_required Error in Veeam Backup & Replication Console After Veeam Software Appliance Update
Challenge The Veeam Backup & Replication Console displays the following error when attempting to connect to a Veeam Software Appliance that was recently updated: Unable to perform OAuth authorization: interactionrequired. The Veeam Backup & Replication Console will report that it successfully...
PT-2026-41879
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw in the URL validation logic during redirect operations allows an attacker to bypass validation and redirect users to unauthorized URLs. This occurs when Keycloak clients are configure...
TencentOS Server 3: gimp:2.8 (TSSA-2026:0324)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0324 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2026-34647
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...
EUVD-2026-29746
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34685
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...
CVE-2026-34682
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34684
Substance3D Designer before or equal to v15.1.0 is affected by an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the current user context. The vulnerability arises from an out-of-bounds write condition and requires user interaction (the victim must open a malicious fil...
CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)
Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34643 After Effects | Out-of-bounds Write (CWE-787)
After Effects versions 26.0, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34639 Media Encoder | Out-of-bounds Write (CWE-787)
Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Adobe Media Encoder 输入验证错误漏洞
Adobe Media Encoder is a audio and video encoding application developed by Adobe, a company based in the United States. Versions of Adobe Media Encoder such as 26.0.2, 25.6.4, and earlier versions had a vulnerability related to input validation errors. This vulnerability stemmed from integer...
PT-2026-40328
Illustrator versions 29.8.6, 30.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-40345
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...