247112 matches found
PT-2026-47065
The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of unserialize without an allowed classes restriction in the IdsToCollection::get ids from string function, which processes...
ROS-20260605-73-0106
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260605-73-0085
The vulnerability of Firefox browsers, Firefox ESR, and Thunderbird email clients, Thunderbird ESR, is related to writing beyond the buffer limit. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260605-73-0019
The vulnerability in ImageMagick7 is related to buffer overflow in the stack. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
ROS-20260605-73-0018
The vulnerability in ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2026-47043
A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validation of a user-controlled path component in image upload requests. An authenticated user can supply a crafted absolute path so that the configured storage root is discarded,...
PT-2026-47050
Open XDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web server hosting Open XDMoD with the privileges of the web server process. This could allow an attack...
ROS-20260605-73-0093
The vulnerability in Firefox is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2026-46901
A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio range to cause a Denial of Service kernel panic or potentially achieve Remote Code Execution via a...
PT-2026-47030
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an OS command injection vulnerability exists in the Git.php library of the HAXcms PHP backend. The application constructs shell command strings using unsanitized input and executes them via proc_open. An...
PT-2026-47062
Multiple Critical Vulnerabilities Disclosed in DbGate. Several severe vulnerabilities in DbGate can allow attackers to achieve remote code execution: • CVE-2026-47668 - Unauthenticated RCE via JSON Script Runner dbgate-serve • CVE-2026-47669 - Zip Slip arbitrary file write leading to RCE •...
PT-2026-47044
Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...
ROS-20260605-73-0086
Vulnerability of the Graphics component: The text-based browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
ROS-20260605-73-0105
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260605-73-0091
The vulnerability in Firefox is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260605-73-0032
The vulnerability in Tomcat10 is related to insufficient registration checks. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260605-73-0074
The vulnerability in Firefox is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Poc-PoisonJar
RCE Nextcloud → Cache Poisoning → Pre-Auth RCE Reproducible p...
CVE-2026-45497
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
DEBIAN-CVE-2026-11235
Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...