200
CVEs
1
Threats
0
News
200
Critical
160
CISA KEV
🛡 Security Vulnerabilities (CVE)
Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files to any specified location due to insufficient validation of user‑supplied paths when creating shares.
By specifying a writable pat…
This vulnerability allows authenticated attackers to execute commands via the hostname of the device.
Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application configuration data via direct request to /script/.env file. The exposed file contains Laravel application encryption key (APP_KEY), database credential…
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to …
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions prior to and including v4.0.0-beta.434, low privileged users are able to see the private key of the root user on the Coolify instance. This allows them to ssh t…
An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulnerability allows authenticated users with write permissions to execute arbitrary shell commands on the Signal K server when the set-system-time plugin is enabled.…
HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized code generation for HotCRP formulas which allowed users to trigger the execution of arbitrary PHP code. The problem is patched in release version 3.2.
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution (RCE) by leveraging the fi…
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, there is a command injection vulnerability that allows authenticated users to inject stdio_config.command/args into MCP stdio settings, causing the server …
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.
CVE-2026-27574
OneUptime Sandbox Escape in JavaScript Monitor Allows Full System Compromise
11:14 KSA
OneUptime is a solution for monitoring and managing online services. In versions 9.5.13 and below, custom JavaScript monitor feature uses Node.js's node:vm module (explicitly documented as not a security mechanism) to execute user-supplied code, allowing trivial sandbox escape vi…
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval. Only an exact string such as --c…
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password cha…
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the …
CVE-2026-28268
Vikunja Password Reset Token Reuse Vulnerability Enables Persistent Account Takeover
09:21 KSA
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a failure to invalidate tokens upo…
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os …
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026.
NOTE: The vendor was contacted early …
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026.
NOTE: The vendor was contacted early about this di…
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly sanitize the user_role parameter. This …
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup_[timestamp].…
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.
Please consider upgrading to Fre…
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
for a victim and later hijack the authenticated session.
The vendor was notifie…
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0, crafted deeplink can install an attacker-controlled MCP server configuration without sufficient user confirmation and can lead to arbitrary local command exec…
An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability.
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.445, parameters coming from docker-compose.yaml are not sanitized when used in commands. If a victim user creates an application from an attacker reposi…
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticated attacker can pollute the internal state (`restoreFilePath`) of the server via the `/skServer/validateBackup` endpoint. This allows the attacker to hijack the …
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to 2.4.24, the DFIR-IRIS datastore file management system has a vulnerability where mass assignment of the file_local_name field combined with path trust in th…
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in em…
Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the acces…
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Squidex is an open source headless content management system and content management hub. Versions of the application up to and including 7.21.0 allow users to define "Webhooks" as actions within the Rules engine. The url parameter in the webhook configuration does not appear to v…
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system vulnerable to Man-in-the-Middle (M…
SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by wr…
Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems.
Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typically 32-bits while an unsigned long…
SAP S/4HANA (Private Cloud and On-Premise) allows an attacker with admin privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code/OS commands into the system, bypassing essential authorization checks. Thi…
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
CVE-2026-28370
OpenStack Vitrage Query Parser Code Execution Vulnerability (CVE-2026-28370)
04:30 KSA
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and f…
CVE-2025-69222
LibreChat SSRF Vulnerability in Actions Feature Allows Internal Service Access
04:01 KSA
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF)
vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined ins…
CVE-2025-59230
Windows Remote Access Connection Manager Privilege Escalation Vulnerability
11:01 KSA
Microsoft Windows Improper Access Control Vulnerability — Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which could allow an authorized attacker to elevate privileges locally.
Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability — Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.
ASUS Live Update Embedded Malicious Code Vulnerability — ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specif…
CVE-2025-59689
Libraesva Email Security Gateway Command Injection via Compressed Attachments
11:01 KSA
Libraesva Email Security Gateway Command Injection Vulnerability — Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a compressed e-mail attachment.
CVE-2025-59718
Fortinet Cryptographic Signature Verification Bypass in FortiOS, FortiSwitchMaster, FortiProxy, FortiWeb
11:01 KSA
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability — Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass…
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability — Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.
CVE-2025-61882
Oracle E-Business Suite BI Publisher Integration Critical Remote Compromise
11:01 KSA
Oracle E-Business Suite Unspecified Vulnerability — Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Concurrent Processing. …
Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability — Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable without authentication.
CVE-2025-61932
Motex LANSCOPE Endpoint Manager Arbitrary Code Execution via Unverified Communication
11:01 KSA
Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability — Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability allowing an attacker to execute arbitrary code by sendin…
Dassault Systèmes DELMIA Apriso Code Injection Vulnerability — Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitrary code.
Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability — Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain privileged access to the application.
RARLAB WinRAR Path Traversal Vulnerability — RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.
Microsoft Windows Race Condition Vulnerability — Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM-…
Microsoft Windows Use After Free Vulnerability — Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.
Sangoma FreePBX OS Command Injection Vulnerability — Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function.…
Fortinet FortiWeb Path Traversal Vulnerability — Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability — Citrix NetScaler ADC and Gateway contain a buffer overflow vulnerability leading to unintended control flow and Denial of Service. NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Pr…
Google Chromium V8 Type Confusion Vulnerability — Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, in…
Google Chromium ANGLE and GPU Improper Input Validation Vulnerability — Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This vul…
CVE-2025-66644
Array Networks ArrayOS AG OS Command Injection Vulnerability (CVE-2025-66644)
11:01 KSA
Array Networks ArrayOS AG OS Command Injection Vulnerability — Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.
RoundCube Webmail Cross-site Scripting Vulnerability — RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.
Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability — Synacor Zimbra Collaboration Suite (ZCS) contains a PHP remote file inclusion vulnerability that could allow for remote attackers to craft requests to the /h/rest endpoint to influence internal req…
Citrix NetScaler Memory Overflow Vulnerability — Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.
RARLAB WinRAR Path Traversal Vulnerability — RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.
Gogs Path Traversal Vulnerability — Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution.
N-able N-Central Insecure Deserialization Vulnerability — N-able N-Central contains an insecure deserialization vulnerability that could lead to command execution.
N-able N-Central Command Injection Vulnerability — N-able N-Central contains a command injection vulnerability via improper sanitization of user input.
WatchGuard Firebox Out-of-Bounds Write Vulnerability — WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code.
TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability — TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-servic…
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability — BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote a…
Cisco Unified Communications Products Code Injection Vulnerability — Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), …
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, …
CVE-2026-20700
Apple Multiple Buffer Overflow Vulnerability Across iOS macOS tvOS watchOS visionOS
11:01 KSA
Apple Multiple Buffer Overflow Vulnerability — Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.
CVE-2026-20805
Microsoft Windows Desktop Window Manager Information Disclosure Vulnerability
11:01 KSA
Microsoft Windows Information Disclosure Vulnerability — Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally.
CVE-2024-50302
Linux Kernel HID Use-of-Uninitialized-Resource Memory Leak (CVE-2024-50302)
11:01 KSA
Linux Kernel Use of Uninitialized Resource Vulnerability — The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report.
Aviatrix Controllers OS Command Injection Vulnerability — Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_desti…
Cleo Multiple Products Unrestricted File Upload Vulnerability — Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.
CyberPanel Incorrect Default Permissions Vulnerability — CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property.
CyberPanel Incorrect Default Permissions Vulnerability — CyberPanel contains an incorrect default permissions vulnerability that allows a remote, unauthenticated attacker to execute commands as root.
ServiceNow Incomplete List of Disallowed Inputs Vulnerability — ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerabi…
Google Chromium V8 Type Confusion Vulnerability — Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limi…
Linux Kernel Out-of-Bounds Write Vulnerability — Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.
Linux Kernel Out-of-Bounds Read Vulnerability — Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information.
Linux Kernel Out-of-Bounds Access Vulnerability — Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privile…
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability — SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability — AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or av…
Mitel MiCollab Path Traversal Vulnerability — Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be c…
CVE-2024-55591
Fortinet FortiOS/FortiProxy Authentication Bypass - Super-Admin Privilege Escalation
11:01 KSA
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability — Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
Cleo Multiple Products Unauthenticated File Upload Vulnerability — Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vulnerability that could allow an unauthenticated user to import and execute arbitrary bash or Pow…
Craft CMS Code Injection Vulnerability — Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has `register_argc_argv` enabled.
SimpleHelp Path Traversal Vulnerability — SimpleHelp remote support software contains multiple path traversal vulnerabilities that allow unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files may include server…
Advantive VeraCore Unrestricted File Upload Vulnerability — Advantive VeraCore contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload files to unintended folders via upload.apsx.
Yiiframework Yii Improper Protection of Alternate Path Vulnerability — Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement Yii, incl…
Palo Alto Networks Expedition Missing Authentication Vulnerability — Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, cre…
GeoVision Devices OS Command Injection Vulnerability — Multiple GeoVision devices contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to inject and execute arbitrary system commands. The impacted products could be end-of-life (EoL) and/or …
Progress WhatsUp Gold SQL Injection Vulnerability — Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user.
Kingsoft WPS Office Path Traversal Vulnerability — Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.
CVE-2024-7593
Ivanti Virtual Traffic Manager Authentication Bypass - Admin Account Creation
11:01 KSA
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability — Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.
TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability — TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of u…
Google Chromium V8 Inappropriate Implementation Vulnerability — Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web bro…
Google Chromium V8 Type Confusion Vulnerability — Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, b…
Citrix Session Recording Improper Privilege Management Vulnerability — Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the sam…
Citrix Session Recording Deserialization of Untrusted Data Vulnerability — Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenti…
Ivanti Cloud Services Appliance OS Command Injection Vulnerability — Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to …
PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability — PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with C…
PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability — PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the …
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability — Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with …
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability — Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary …
Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability — Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass comman…
Palo Alto Networks Expedition OS Command Injection Vulnerability — Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleart…
Palo Alto Networks Expedition SQL Injection Vulnerability — Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device A…
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability — Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewal…
ScienceLogic SL1 Unspecified Vulnerability — ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component.
Mozilla Firefox Use-After-Free Vulnerability — Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability — Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to …
Palo Alto Networks PAN-OS File Read Vulnerability — Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS…
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability — Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
7-Zip Mark of the Web Bypass Vulnerability — 7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user.
Trimble Cityworks Deserialization Vulnerability — Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.
Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability — Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly …
Google Chromium V8 Type Confusion Vulnerability — Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.
Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability — Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files.
React Native Community CLI OS Command Injection Vulnerability — React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a …
Gladinet Triofox Improper Access Control Vulnerability — Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete.
Edimax IC-7100 IP Camera OS Command Injection Vulnerability — Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execution via specially crafted requests. The impacted product c…
Google Chromium V8 Type Confusion Vulnerability — Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.
Google Chromium Out of Bounds Memory Access Vulnerability — Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple w…
Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability — Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulnerability degrades security for public exposed endpoints that…
WatchGuard Firebox Out of Bounds Write Vulnerability — WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code and affects both the mobile us…
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability — MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol headers. This vulnerability may allow a read of uninitialized he…
Broadcom Brocade Fabric OS Code Injection Vulnerability — Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges.
Cisco Identity Services Engine Injection Vulnerability — Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by…
Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability — Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vuln…
Cisco Identity Services Engine Injection Vulnerability — Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by…
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability — Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote cod…
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability — Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing author…
Cisco Multiple Products Improper Input Validation Vulnerability — Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privilege…
Samsung Mobile Devices Out-of-Bounds Write Vulnerability — Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.
Samsung Mobile Devices Out-of-Bounds Write Vulnerability — Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code.
CVE-2025-21333
Windows Hyper-V NT Kernel Integration VSP Heap Buffer Overflow Privilege Escalation
11:01 KSA
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability — Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.
CVE-2025-21334
Windows Hyper-V NT Kernel Integration VSP Use-After-Free Privilege Escalation
11:01 KSA
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability — Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
Microsoft Windows Privilege Escalation Vulnerability — smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Microsoft Windows Privilege Escalation Vulnerability — A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Cisco IOS Denial-of-Service Vulnerability — Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
HP OpenView Network Node Manager Remote Code Execution Vulnerability — HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.
Apache Struts 1 ActionForm Denial-of-Service Vulnerability — ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).
Microsoft Word Malformed Object Pointer Vulnerability — Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code.
Microsoft Office Excel Remote Code Execution Vulnerability — Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered as an email attachment or hosted on a mal…
Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability — masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.
Adobe Acrobat and Reader Buffer Overflow Vulnerability — Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods.
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability — Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the W…
Adobe Acrobat and Reader Unspecified Vulnerability — Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.
Adobe Reader and Acrobat Input Validation Vulnerability — Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.
Oracle VirtualBox Insufficient Input Validation Vulnerability — An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.
CVE-2009-0556
Microsoft Office PowerPoint Code Injection via OutlineTextRefAtom Memory Corruption
11:01 KSA
Microsoft Office PowerPoint Code Injection Vulnerability — Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an invalid index value that triggers m…
Microsoft Office Object Record Corruption Vulnerability — Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.
Microsoft Office Buffer Overflow Vulnerability — Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability — Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Microsoft Windows Improper Input Validation Vulnerability — The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.
phpMyAdmin Remote Code Execution Vulnerability — Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.
Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability — Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability — Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Microsoft Excel Featheader Record Memory Corruption Vulnerability — Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.
Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability — Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.
CVE-2009-3960
Adobe BlazeDS Information Disclosure Vulnerability in LifeCycle and ColdFusion
11:01 KSA
Adobe BlazeDS Information Disclosure Vulnerability — Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.
Adobe Acrobat and Reader Use-After-Free Vulnerability — Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.
CVE-2010-0188
Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability CVE-2010-0188
11:01 KSA
Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability — Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.
Microsoft Windows Kernel Exception Handler Vulnerability — The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.
Red Hat JBoss Authentication Bypass Vulnerability — The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET hand…
CVE-2010-0840
Oracle JRE Unspecified Vulnerability Affecting Confidentiality, Integrity, and Availability
11:01 KSA
Oracle JRE Unspecified Vulnerability — Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.
Adobe Flash Player Memory Corruption Vulnerability — Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
Red Hat JBoss Information Disclosure Vulnerability — Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could us…
Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability — JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Securit…
Microsoft Windows Remote Code Execution Vulnerability — Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerabi…
Microsoft PowerPoint Buffer Overflow Vulnerability — Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.
Adobe ColdFusion Directory Traversal Vulnerability — A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.
Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability — Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability — Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Microsoft Office Stack-based Buffer Overflow Vulnerability — A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.
Mozilla Multiple Products Remote Code Execution Vulnerability — Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::Conten…
Linux Kernel Improper Input Validation Vulnerability — Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system call…
Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability — Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code execution. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS…
Exim Heap-Based Buffer Overflow Vulnerability — Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
Exim Privilege Escalation Vulnerability — Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability — Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.
SAP NetWeaver Remote Code Execution Vulnerability — SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.
Ubiquiti AirOS Command Injection Vulnerability — Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.
Adobe Flash Player Unspecified Vulnerability — Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
Adobe Flash Player Remote Code Execution Vulnerability — Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.
Android OS Privilege Escalation Vulnerability — The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lo…
Microsoft Forefront TMG Remote Code Execution Vulnerability — A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.
Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability — afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted applic…
Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability — The Universal 3D (U3D) component in Adobe Reader and Acrobat contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).
Microsoft Windows Remote Code Execution Vulnerability — Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Wo…
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability — An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability — The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.
Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability — The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-as…
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability — Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.
Apache Struts 2 Improper Input Validation Vulnerability — The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
⚠️ Threat Intelligence
1 threats
rss:Krebs on Securit
—
05:21 KSA
Who is the Kimwolf Botmaster “Dort”?
Following disclosure of a vulnerability used to create Kimwolf, the world's largest and most disruptive botnet, the operator known as 'Dort' has orchestrated widespread distributed attacks. The investigation focuses on identi…
📰 Cybersecurity News
0 articles
No news aggregated today yet
This digest is updated automatically every day — Last updated: Saturday, February 28, 2026
CVE Archive ·
Threats ·
News