PT-2026-45420

Name of the Vulnerable Software and Affected Versions HP Poly VVX series affected versions not specified HP Poly Trio 8300 affected versions not specified HP Poly Trio 8500 affected versions not specified HP Poly Trio 8800 affected versions not specified Description An unauthenticated stack-based...

PT-2026-45254

In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...

Disig Web Signer security vulnerability

Disig Web Signer is an electronic signature middleware platform developed by the Slovak company Disig. Versions 2.0.3 to 2.5.3 of Disig Web Signer contain security vulnerabilities, which stem from critical remote code execution vulnerabilities...

VulnCheck KEV: CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

PUB-A-449160232

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-449726527

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45578

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A heap buffer overflow exists in multiple functions within sdp discovery.cc. This flaw allows for remote code execution in proximal or adjacent network environments without requiring addition...

📄 Espanso 2.3.0 Configuration Injection

This Python script is a configuration manipulation tool for Espanso version 2.3.0 that modifies its YAML configuration file base.yml to add new text triggers capable of executing system commands via shell or script extensions...

PT-2026-45444

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

Poly Voice – Possible Remote Control of Certain Poly Devices

In certain scenarios when the admin has enabled Interactive Connectivity Establishment ICE, a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform. HP Poly recommends admins disable ICE connectivity when not required...

Dassault Systèmes Teamwork Cloud and Dassault Systèmes Magic Collaboration Studio have security vulnerabilities

Dassault Systèmes Teamwork Cloud and Dassault Systèmes Magic Collaboration Studio are both products of Dassault Systèmes, a French company. Dassault Systèmes Teamwork Cloud is a collaborative model version control and storage platform. Dassault Systèmes Magic Collaboration Studio is a cloud-based...

PT-2026-45544

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server version 9.0 Description Remote code execution can occur due to the deserialization of untrusted data. This issue affects JAX-WS endpoints that utilize WS-Security...

PT-2026-45541

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

ArmCode Arm Whois security vulnerability

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...

IBM WebSphere Application Server (WAS) code-related vulnerabilities

IBM WebSphere Application Server WAS is an application server product developed by IBM. It serves as a platform for JavaEE and web services applications and forms the foundation of the IBM WebSphere software suite. Versions 9.0 and 8.5 of IBM WebSphere Application Server contained code...

ASB-A-447536200

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a buffer overflow in multiple functions within sdpdiscovery.cc. This vulnerability may lead to remote code execution, and it can be...

PT-2026-45543

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

📄 Apache ActiveMQ Jolokia Remote Code Execution

This is a proof of concept security research tool that evaluates a potential authenticated remote code execution pathway through the Jolokia management interface exposed by Apache ActiveMQ. The tool authenticates to the broker, discovers configuration details, interacts with JMX operations expose...

Exploit for CVE-2022-25765

CVE-2022-25765 — Command Injection in pdfkit Descripción...