Altium Enterprise Server 安全漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in Altium Enterprise Server, which stems from improper validation of user-controlled path components. As a result, authenticated users can writ...

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from improper validation of the sessionId parameter by the file manager’s functionality. The identifier controlle...

7-Zip 输入验证错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Version 9.18 to 26.00 of 7-Zip contained a vulnerability related to input validation errors. This vulnerability stemmed from the BSD SYMDEF parser in the Unix ar archive resolver, where a heap out-of-bound read was possible,...

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. Version...

Cloudburst Network 输入验证错误漏洞

Cloudburst Network is a network component used in the Cloudburst project. Versions of Cloudburst Network prior to 1.0.0.CR3-20260418.124334-32 contained a vulnerability related to input validation errors. This vulnerability stemmed from issues with the network components, and it could allow...

VulnCheck KEV: CVE-2026-49777

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...

SAMSUNG Android USB Driver 安全漏洞

The SAMSUNG Android USB Driver is a driver program developed by South Korean company Samsung. Versions of the SAMSUNG Android USB Driver for Windows prior to 1.9.5.0 contain security vulnerabilities. These vulnerabilities stem from improper input validation, which may allow local attackers to...

ROS-20260605-73-0056

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to insufficient validation of input data. Exploiting these vulnerabilities can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

ROS-20260605-73-0040

The vulnerability in Tomcat is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

ROS-20260605-73-0042

The vulnerability in Tomcat11 is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

ROS-20260605-73-0041

The vulnerability in Tomcat10 is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

PT-2026-47019

Name of the Vulnerable Software and Affected Versions Termix versions prior to 2.3.2 Description Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The File Manager functionality contains a Broken Access Control issue resulting from...

PT-2026-47023

Name of the Vulnerable Software and Affected Versions Markdown Preview Enhanced versions prior to 0.8.28 Description On Windows, the software opens external files and links from the preview through a shell without validating untrusted inputs from the markdown document. This allows for the injecti...

PT-2026-47080

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The 'connection-test' endpoint opens a raw TCP socket to a user-supplied database host without resolving or range-checking the destination. This allows private and link-local addresses, including...

PT-2026-47075

Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.6.1 Description The plugin is affected by Cross-Site Request Forgery, a flaw where an attacker tricks a victim into performing actions they did not intend to...

PT-2026-46911

Name of the Vulnerable Software and Affected Versions Product Slider Pro for WooCommerce versions prior to 3.5.4 Description Improper validation of input parameters related to specified quantities allows unauthenticated remote attackers to implant malicious software and execute arbitrary commands...

PT-2026-47046

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW version 17.4.0 Description An infrastructure issue in the Reports application is caused by insecure input validation, which occurs when a program does not properly verify the...

PT-2026-47040

Name of the Vulnerable Software and Affected Versions HAX CMS versions 11.0.6 through 24.x Description The file upload functionality in HAXCMS PHP validates file extensions using a regex pattern but fails to verify the actual file content or MIME type Multipurpose Internet Mail Extensions, a...

PT-2026-46927

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

PT-2026-46925

Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information...