PT-2026-29228

OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust verification, allowing arbitrary code execution. Attackers can execute malicious code by including crafted workspace plugins in cloned repositories that execute when users run...

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A security vulnerability exists in OpenClaw that stems from automatically discovering and loading plugins from .OpenClaw/extensions/ without explicit trust validation, which can be exploited by an attacker to cause arbitrar...

SUSE CVE-2026-2492

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

CVE-2026-2492

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

CVE-2026-2492

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

UBUNTU-CVE-2026-2492

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

CVE-2026-2492

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

CVE-2026-2492 TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

CVE-2026-26974

CVE-2026-26974 (Slyde) affects Slyde versions 0.0.4 and earlier. The root cause is Node.js automatically importing any /**.plugin.{js,mjs} files, including those from node_modules, enabling a malicious package with a .plugin.js file to execute arbitrary code when installed or required. Impact is ...

TensorFlow 代码问题漏洞

TensorFlow is an open-source end-to-end open platform for machine learning. There are code-related vulnerabilities in TensorFlow. These vulnerabilities stem from improper handling of plugins, where plugins are loaded from insecure locations by the application. This may allow local attackers to ga...

Google Chrome < 19.0.0.245 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 19.0.0.245. It is, therefore, affected by a vulnerability as referenced in the 201511stable-channel-update advisory. - The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages an...

EUVD-2017-9692

Malware in sbrugna...

EUVD-2013-0984

Malware in sbrugna...

EUVD-2020-17453

Malware in sbrugna...

EUVD-2020-21044

Malware in sbrugna...

CVE-2025-9161

A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization. This flaw enables the loading of remote Mosquito plugins, which can be used to achieve remote code execution...

CVE-2025-9161

A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization. This flaw enables the loading of remote Mosquito plugins, which can be used to achieve remote code execution...

Photodex ProShow Producer 安全漏洞

Photodex ProShow Producer is a suite of video and image slideshow creation software from Photodex USA. A security vulnerability exists in Photodex ProShow Producer version 5.0.3256, which stems from improper handling of the plugin's loading list file and may result in a stack buffer overflow...

CVE-2020-28646

ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present...

CVE-2013-0973

Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream...