CVE-2026-40412
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network...
SUSE-SU-2026:21836-1 Security update for cups
This update for cups fixes the following issues: - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup (bsc#1261572). - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (bsc#1261571). - CVE-2026-34979: Heap overflow in getoption...
SUSE-SU-2026:21871-1 Security update for cups
This update for cups fixes the following issues: - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup (bsc#1261572). - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (bsc#1261571). - CVE-2026-34979: Heap overflow in getoption...
CVE-2026-33844
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
CVE-2026-33120
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-25172
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network...
CVE-2026-25173
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network...
CVE-2026-26111
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network...
KB5078885: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (March 2026)
The remote Windows host is missing security update 5078885. It is, therefore, affected by multiple vulnerabilities: - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. (CVE-2026-23667) - Use after free in Windows Print Spooler Components allows an authorize...
Azure SDK for Python Remote Code Execution Vulnerability
Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network...
Linux Distros Unpatched Vulnerability : CVE-2026-22983
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: do not write to msg_get_inq in callee. NULL pointer dereference fix. msg_get_inq is an input...
CVE-2026-20854
Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network...
CVE-2026-20854
CVE-2026-20854 is a Windows Local Security Authority Subsystem Service (LSASS) use-after-free vulnerability that would allow an authenticated attacker to execute code remotely over the network. The primary public details come from Microsoft update guidance and vulnerability trackers, which identi...
CVE-2025-64676
'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network...
PT-2025-52358
Name of the Vulnerable Software and Affected Versions: Microsoft Purview (affected versions not specified). Description: A flaw in Microsoft Purview allows an authorized attacker to execute code over a network via the '//' path. Recommendations: At the moment, there is no information about a newer...
Microsoft Purview Code Injection Vulnerability
Microsoft Purview is a data security and management software from Microsoft Corporation (USA). A code injection vulnerability exists in Microsoft Purview that originates from path traversal and could lead to network code execution...
CVE-2025-62456
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network...
PT-2025-50174
Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service (RRAS) (affected versions not specified). Description: An issue exists in Windows Routing and Remote Access Service (RRAS) that allows an unauthorized attacker to execute code over a network. This is due to an...
Siemens SIMATIC S7-1500 Use After Free (CVE-2024-49982)
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places. For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx calling dev_put instead of doing in aoecmd_cfg_pkts. It...
CVE-2025-60711
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network...