
1496 matches found

Vulnrichment
added 2025/03/12 12:00 a.m., 8 views

CVE-2025-26260

Plenti = 0.7.16 is vulnerable to code execution. Users uploading '.svelte' files with the /postLocal endpoint can define the file name as JavaScript code. The server executes the uploaded file name on the host, causing code execution...

6.8 AI score, 0.00696 EPSS
Exploits: 1, References: 4

CNVD
added 2025/03/12 12:00 a.m., 3 views

Microsoft Word Code Execution Vulnerability (CNVD-2025-09957)

Microsoft Word is a word processing application in the Office suite from the American company Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

7 CVSS, 8.1 AI score, 0.00536 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/03/11 6:10 p.m., 11 views

CVE-2025-27161 Acrobat Reader | Out-of-bounds Read (CWE-125)

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code i...

7.8 CVSS, 0.00318 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/03/11 6:10 p.m., 18 views

CVE-2025-27162 Acrobat Reader | Access of Uninitialized Pointer (CWE-824)

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus...

7.8 CVSS, 0.00314 EPSS
Exploits: 0, References: 1

CVE
added 2025/03/11 5:36 p.m., 56 views

CVE-2025-24441

CVE-2025-24441 affects Substance3D Sampler 4.5.2 and earlier, with an out-of-bounds write vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected version information and impact are...

7.8 CVSS, 7.9 AI score, 0.00221 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2025/03/11 9:48 a.m., 10 views

CVE-2025-23396

A vulnerability has been identified in Teamcenter Visualization V14.3 All versions V14.3.0.13, Teamcenter Visualization V2312 All versions V2312.0009, Teamcenter Visualization V2406 All versions V2406.0007, Teamcenter Visualization V2412 All versions V2412.0002, Tecnomatix Plant Simulation V2302...

7.8 CVSS, 0.00152 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2025/03/11 12:00 a.m., 2 views

PT-2025-10836 · Microsoft · Windows Ntfs +1

Name of the Vulnerable Software and Affected Versions: Windows NTFS (affected versions not specified)
Description: The issue is related to a heap-based buffer overflow in Windows NTFS, allowing an unauthorized attacker to execute code locally. This can be exploited by mounting a specially crafted V...

7.8 CVSS, 8.4 AI score, 0.02092 EPSS
Exploits: 0, References: 67

Redos
added 2025/03/11 12:00 a.m., 9 views

ROS-20250311-06

A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...

8.1 CVSS, 8.4 AI score, 0.89472 EPSS
Exploits: 10

OSV
added 2025/03/10 4:15 p.m., 7 views

CVE-2025-25977

An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement...

9.8 CVSS, 8 AI score
Exploits: 0, References: 1

Cvelist
added 2025/03/10 12:00 a.m., 10 views

CVE-2024-53307

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

0.0029 EPSS
Exploits: 1, References: 2

Vulnrichment
added 2025/03/10 12:00 a.m., 3 views

CVE-2024-53307

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

6.2 AI score, 0.0029 EPSS
Exploits: 1, References: 2

Rosalinux
added 2025/03/08 9:17 p.m., 11 views

Advisory ROSA-SA-2025-2762

Software: python-jinja2 2.7.2
OS: rosa-server79
packageevrstring: python-jinja2-2.7.2-4.0.1.res7
CVE-ID: CVE-2024-56326
BDU-ID: 2025-00113
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the str.format method of the jinja html templating tool is related to the failure to neutralize special element...

7.8 CVSS, 8.1 AI score, 0.00496 EPSS
Exploits: 0

Cvelist
added 2025/03/07 12:00 a.m., 9 views

CVE-2024-42733

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input...

0.00964 EPSS
Exploits: 1, References: 2

Circl
added 2025/03/06 7:38 p.m., 1 views

GHSA-VVJV-97J8-94XH

creationtimestamp | type | source
---|---|---
2025-03-06 19:38:16+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/6732...

4.8 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2025/03/06 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-45678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in start_decoder because at maxim...

7.8 CVSS, 7 AI score, 0.0073 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2025/03/06 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-45675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f->vendor[len] = (char)'\0';. The...

7.8 CVSS, 7.1 AI score, 0.00759 EPSS
Exploits: 0, References: 3

RedhatCVE
added 2025/03/05 12:56 a.m., 4 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

8.8 CVSS, 7.4 AI score, 0.00571 EPSS
Exploits: 1, References: 1

Tenable Nessus
added 2025/03/05 12:00 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2022-2054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Code Injection in GitHub repository nuitka/nuitka prior to 0.9. CVE-2022-2054 Note that Nessus relies on the presence of the package as reported by the vendor...

8.4 CVSS, 7.2 AI score, 0.00526 EPSS
Exploits: 1, References: 3

Tenable Nessus
added 2025/03/05 12:00 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2021-34119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx; this flaw possibly allows code execution and a denial of service via ...

7.8 CVSS, 7.6 AI score, 0.00312 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2025/03/05 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-25972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. A...

7.8 CVSS, 7.2 AI score, 0.00589 EPSS
Exploits: 1, References: 3