Apache Kylin 3.0.1 - Command Injection Vulnerability

Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. id: CVE-2020-1956 info: name: Apache Kylin 3.0.1 - Command Injecti...

Roxy-WI < 6.1.1.0 - Remote Code Execution

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the subprocessexecute function without processing the inputs received from the user in the /app/options.py file. id: CVE-2022-31137 info: name: Roxy-WI 6.1.1.0 - Remote Code Execution author:...

JSONPath Plus < 10.3.0 - Remote Code Execution

Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for...

Apache Struts2 S2-057 - Remote Code Execution

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible remote code execution when alwaysSelectFullNamespace is true either by user or a plugin like Convention Plugin and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace...

Cobbler <3.3.0 - Remote Code Execution

Cobbler before 3.3.0 allows log poisoning and resultant remote code execution via an XMLRPC method. id: CVE-2021-40323 info: name: Cobbler 3.3.0 - Remote Code Execution author: c-sh0 severity: critical description: Cobbler before 3.3.0 allows log poisoning and resultant remote code execution via ...

Apache OFBiz < 18.12.11 - Remote Code Execution

The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery SSRF id: CVE-2023-51467 info: name: Apache OFBiz 18.12.11 - Remote Code Execution author: your3cho severity: critical description: | The vulnerability allows attackers to bypass...

Sunflower Simple and Personal 1.0.1.43315 - Remote Code Execution

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

SUSE CVE-2026-41283

OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...

SUSE CVE-2026-42305

Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-element validator accept...

EUVD-2026-36328

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

PT-2026-48882

Name of the Vulnerable Software and Affected Versions Amasty Order Attributes for Magento 2 versions prior to 4.0.0 Description An unauthenticated arbitrary file upload issue allows attackers to write files of any type or name to the store's media directory. This occurs because the upload endpoin...

Debian dla-4629 : apache2 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4629 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4629-1 [email protected]...

UBUNTU-CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

PT-2026-49053

Summary A vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web page and create files containing the master password in plaintext. The provided file name must be an absolute path to t...

PT-2026-48898

A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust remote code set to true in the /api/v2/tenants/default tenant/databases/default...

📄 Paperclip AI Remote Code Execution

Paperclip is the operating system for your AI company. You set the goals, hire AI agents as employees, and watch them plan and execute work. Prior to version 2026.410.0, Paperclip allows for unauthenticated remote code execution on any network-accessible instance running in authenticated mode wit...

📄 Gogs 0.14.2 Argument Injection

Proof of concept exploit for an argument injection vulnerability in Gogs versions 0.14.2 and below and versions 0.15.0+dev and below. ================================================================================================================================== | Title : Gogs Git Rebase Argume...

PT-2026-48968

Name of the Vulnerable Software and Affected Versions Kitty versions prior to 0.47.0 Description A flaw allows a program capable of writing bytes to the terminal—such as a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, or an issue body in a TUI—to...

Ivanti Sentry < R10.5.2 / R10.6.2 / R10.7.1 Multiple Vulnerabilities

The version of Ivanti Sentry formerly MobileIron Sentry running on the remote host is prior to R10.5.2, R10.6.2, or R10.7.1. It is, therefore, affected by multiple vulnerabilities : - An OS command injection vulnerability allows a remote, unauthenticated attacker to achieve root-level remote code...

DEBIAN-CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...