Monitor and prioritize what really matters — the 1% of vulnerabilities that can cause real impact.
This vulnerability is a remote code execution flaw resulting from insecure deserialization of untrusted data within PTC Windchill PDMLink and FlexPLM components. Specifically, the deserialization process fails to properly validate or sanitize incoming serialized objects, allowing malicious payloads to be executed during object reconstruction. The affected components include all CPS versions and Windchill/FlexPLM releases prior to 11.0 M030, where the deserialization functionality is exposed to network input.
This vulnerability arises from the publication of a maliciously altered version of the Nx Console extension (version 18.95.0) for Visual Studio Code and OpenVSX. The root cause is the distribution of a compromised package through official extension marketplaces, affecting the integrity verification and supply chain of the Nx Console user interface component. The compromised version contains unauthorized code introduced during the build or publishing process, impacting the extension's execution environment within the IDE.
This vulnerability is a Path Traversal flaw (CWE-22) in Ubiquiti UniFi OS Server and related firmware components. The root cause is insufficient validation of user-supplied file path inputs, allowing traversal sequences to access files outside the intended directory scope. The affected components include UniFi OS Server and various UniFi device firmware versions that handle file requests without proper sanitization.
This vulnerability is a supply chain compromise affecting the build and distribution process of AVB Disc Soft's DAEMON Tools Lite Windows installer packages, specifically versions 12.5.0.2421 through 12.5.0.2434. The root cause is unauthorized access to the vendor's build infrastructure, allowing attackers to inject malicious code into three signed binaries (DTHelper.exe, DiscSoftBusServiceLite.exe, DTShellHlp.exe). The trojanized binaries maintain valid digital signatures, impacting the integrity verification mechanism of the installation process.
This vulnerability is an improper input validation flaw within Ivanti Endpoint Manager Mobile's administrative interface. The root cause lies in insufficient sanitization of inputs processed by privileged functions, enabling crafted input to bypass validation controls. The affected component is the administrative access functionality in versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1.
This vulnerability is a command injection flaw rooted in improper input validation within VMware Aria Operations. Specifically, the support-assisted product migration component fails to sanitize user-supplied input, allowing execution of arbitrary system commands. The affected feature processes migration-related commands without adequate filtering, enabling injection through crafted inputs during migration operations.
This vulnerability is a file overwrite flaw caused by improper file handling in the API interface of Cisco Catalyst SD-WAN Manager. Specifically, the API allows authenticated users with read-only credentials to upload files without sufficient validation or restrictions, enabling arbitrary file overwrite on the local filesystem. The affected component is the API subsystem responsible for processing file uploads within the SD-WAN Manager product.
This vulnerability is an information disclosure flaw caused by insufficient file system access controls within Cisco Catalyst SD-WAN Manager. The root cause lies in the improper enforcement of access restrictions on API endpoints, allowing unauthorized read access to sensitive files on the underlying operating system. The affected component is the API interface of the Cisco Catalyst SD-WAN Manager software.
This vulnerability is a hardcoded credential flaw within Dell RecoverPoint for Virtual Machines prior to version 6.0.3.1 HF1. The root cause is the presence of static, embedded authentication credentials in the software, which are accessible without authentication. The affected component is the authentication mechanism of the RecoverPoint for Virtual Machines management interface, allowing unauthorized access to privileged functions.
This vulnerability is an OS command injection flaw in Soliton Systems K.K. FileZen, specifically triggered when the FileZen Antivirus Check Option is enabled. The root cause lies in insufficient input validation of user-supplied data within HTTP requests, allowing injection of arbitrary operating system commands. The affected component is the FileZen web interface handling these specially crafted requests from authenticated users.
This vulnerability is a protection mechanism failure within the MSHTML Framework component of Microsoft Windows 10, specifically affecting versions 1607, 1809, and 21H2 across multiple architectures. The root cause lies in an insufficient enforcement of security controls that allow bypassing of a critical security feature during processing of web content. The failure occurs at the component level responsible for rendering and handling HTML content, enabling unauthorized manipulation of the security boundary.
This vulnerability is a stored Cross-Site Scripting (XSS) flaw affecting the Classic UI component of Zimbra Collaboration Suite (ZCS). The root cause lies in improper sanitization of Cascading Style Sheets (CSS) @import directives embedded within HTML email messages, allowing malicious CSS to be stored and later executed in the user interface. The flaw exists in ZCS versions prior to 10.0.18 and 10.1.13, specifically in the handling of HTML email content rendering.
This vulnerability originates from unauthorized modifications introduced into specific builds of the ASUS Live Update client through a supply chain compromise. The root cause is the presence of altered code within the update client binary that triggers unintended actions under certain targeting conditions. The affected component is the ASUS Live Update client software, which has reached End-of-Support as of October 2021.
This vulnerability is a command injection flaw rooted in improper input validation within Array Networks ArrayOS AG versions prior to 9.4.5.9. The issue arises from insufficient sanitization of user-supplied data passed to system-level commands in the VPN appliance's management interface. The affected component is the ArrayOS AG software responsible for handling administrative command inputs, enabling attackers with elevated privileges to inject arbitrary commands.
This vulnerability is a type confusion flaw occurring within the V8 JavaScript engine component of Google Chrome. The root cause lies in improper handling of object types during runtime, which leads to heap memory corruption. The affected feature is the V8 engine's internal type system prior to version 142.0.7444.175, where crafted inputs can manipulate the engine's assumptions about object types.
This vulnerability is a use-after-free flaw arising from improper memory management in the processing of web content within Apple’s Safari browser and underlying OS components. The root cause involves the premature release of memory objects that are subsequently accessed, leading to memory corruption. Affected components include the Safari browser engine and web content processing modules in macOS Ventura, iOS, and iPadOS.
The vulnerability in MOTEX Inc. Lanscope Endpoint Manager (On-Premises) arises from improper verification of the origin of incoming network requests. Specifically, the Client program (MR) and Detection agent (DA) components fail to validate the authenticity of packets received, enabling an attacker to craft and send malicious packets that are processed without adequate origin checks. This flaw is rooted in insufficient input validation within the network communication handling modules of the endpoint management system.
This vulnerability is a remote code execution flaw arising from improper handling of specific malicious traffic within the Access Policy Manager (APM) feature of F5 BIG-IP virtual servers. The root cause lies in the APM access policy processing logic failing to adequately validate or sanitize crafted input, enabling execution of arbitrary code. The affected component is the BIG-IP APM access policy configured on virtual servers.
This vulnerability is a command injection flaw rooted in improper input validation of compressed email attachments processed by Libraesva Email Security Gateway. The affected component fails to sanitize or securely handle shell commands embedded within these attachments, allowing crafted data to be executed on the underlying system. The flaw specifically impacts versions 4.5 through 5.5.x prior to designated patch releases, compromising the email attachment processing module.
This vulnerability is an out-of-bounds write occurring in the libimagecodec.quram.so library component of Samsung Mobile Devices. The root cause is improper bounds checking during image codec processing, which allows memory corruption by writing data outside the allocated buffer. This flaw exists in versions of the Android OS on Samsung devices prior to the SMR September 2025 Release 1.
This vulnerability is an authenticated remote command injection in the Parental Control feature of TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9 firmware. The root cause lies in improper input validation on the Parental Control page, allowing shell commands to be injected and executed with elevated privileges. The flaw resides specifically in the firmware component handling user inputs on the Parental Control management interface.
This vulnerability is a command injection flaw caused by improper input validation in N-able N-central. The root cause lies in the failure to sanitize user-supplied inputs in specific components, enabling crafted inputs to be interpreted as operating system commands. The affected component is the N-central management platform prior to version 2025.3.1, where input handling mechanisms do not adequately restrict command execution vectors.
This vulnerability is a command injection flaw rooted in insufficient input validation within the Trend Micro Apex One on-premise management console. The flaw allows unauthenticated remote attackers to upload and execute arbitrary code by exploiting the console's file upload handling mechanism. The affected component is the management console interface responsible for processing incoming requests without proper authentication checks or sanitization.
This vulnerability is an authentication bypass caused by improper validation in the Single Sign-On (SSO) authentication mechanism of Quest KACE Systems Management Appliance (SMA). The root cause lies in the flawed handling of authentication tokens or session states, allowing the system to incorrectly grant access without verifying legitimate credentials. The affected component is the SSO authentication handler across multiple SMA software versions prior to specified patch levels.
This vulnerability is a Cross-Site Scripting (XSS) flaw rooted in insufficient sanitization of HTML content within the Zimbra Classic UI. The issue arises from improper handling of crafted tag structures and attribute values that include @import directives and other script injection vectors. The affected component is the Classic UI rendering engine that processes email message content, failing to neutralize malicious JavaScript payloads embedded in email bodies.
This vulnerability is a logic flaw in the media processing component of Apple iOS and iPadOS, specifically when handling photos or videos shared via iCloud Link. The root cause lies in insufficient validation and improper processing logic for maliciously crafted media files, leading to incorrect handling of input data within the media parsing routines. This flaw affects the media handling subsystem across multiple Apple operating systems including iOS, iPadOS, macOS, visionOS, and watchOS.
This vulnerability is a use-after-free memory corruption occurring within the Adreno GPU driver component used by Qualcomm Snapdragon devices. The flaw arises from improper management of memory objects during graphics rendering operations in the Chrome environment, specifically related to the handling of GPU command buffers. The affected component is the Adreno GPU driver firmware across multiple Qualcomm firmware versions, leading to unsafe memory access conditions.
This vulnerability is an information disclosure flaw stemming from an exposed heap dump endpoint in the TeleMessage service's Spring Boot Actuator configuration. The root cause is the unsecured exposure of the /heapdump URI, which allows unauthenticated access to JVM heap memory dumps. The affected component is the Spring Boot Actuator's heap dump feature within TeleMessage service versions prior to 2025-05-05.
This vulnerability is a deserialization flaw in the SAP NetWeaver Visual Composer Metadata Uploader component. The root cause is improper validation and handling of serialized metadata content uploaded by privileged users, allowing untrusted or malicious data to be deserialized. This flaw affects the Visual Composer development server within SAP NetWeaver 7.5, specifically the metadata upload functionality that processes serialized input without sufficient integrity checks.
The vulnerability is an information exposure flaw caused by the TeleMessage archiving backend storing message data in cleartext form. This occurs within the backend component responsible for archiving messages from the TM SGNL (Archive Signal) application. The root cause is the backend's failure to apply end-to-end encryption to archived messages, contrary to the documented encryption claims.
This vulnerability is a server-side file injection issue rooted in improper handling of session data in Craft CMS. The system stores arbitrary content from unauthenticated users directly into session files located on the server without sanitization. The affected component is the session management mechanism that writes user-supplied return URLs into session files named with predictable patterns under '/var/lib/php/sessions'.
This vulnerability is a directory traversal flaw caused by improper sanitization of file path parameters in Srimax Output Messenger versions prior to 2.0.63. The affected component fails to correctly validate or normalize user-supplied input containing "../" sequences, allowing traversal outside the intended directory scope. This weakness resides in the file handling routines responsible for managing resource access within the messaging application.
This vulnerability is a ViewState code injection issue affecting ASP.NET Web Forms used by ConnectWise ScreenConnect versions 25.2.3 and earlier. The root cause lies in the reliance on ViewState, which encodes page and control state data in Base64 and protects it using machine keys. If an attacker obtains these machine keys, they can craft malicious ViewState payloads that the server deserializes, leading to code injection via the ViewState mechanism.
This vulnerability is a remote authenticated code execution flaw in the Commvault Web Server caused by improper input validation allowing attackers to upload and execute malicious webshells. The root cause lies in the webserver's failure to restrict file upload or execution permissions, enabling crafted requests to deploy arbitrary code. The affected component is the webserver module handling file creation and execution on both Windows and Linux platforms.
The vulnerability is a stack-based buffer overflow in QUALITIA CO., LTD. Active! mail 6, specifically in BuildInfo versions 6.60.05008561 and earlier. The root cause lies in improper bounds checking when processing incoming requests, allowing excessive data to overwrite stack memory. This flaw affects the request handling component of the Active! mail 6 server, enabling memory corruption through crafted input.
This vulnerability is a bypass of Pointer Authentication implemented in Apple operating systems. The root cause lies in the presence of vulnerable code that allows an attacker with arbitrary memory read and write capabilities to circumvent the integrity checks enforced by Pointer Authentication. The affected components include Apple iOS, iPadOS, macOS Sequoia, tvOS, and visionOS, where Pointer Authentication is used to protect against memory corruption attacks.
This vulnerability is an authenticated path traversal and arbitrary file upload flaw in Kentico Xperience's Staging Sync Server component. The root cause lies in insufficient validation of user-supplied file paths during the upload process, allowing traversal to unintended directories. This improper sanitization enables attackers to place files outside the intended storage location, including executable content, within affected versions through 13.0.178.
The vulnerability is a supply chain compromise involving the reviewdog/action-setup GitHub Action, where malicious code was injected into the version v1 of the action. The root cause is unauthorized modification of the action's source code repository, resulting in the inclusion of code that exfiltrates secrets. This affects the reviewdog/action-setup component and all other reviewdog GitHub Actions that depend on reviewdog/action-setup@v1, regardless of version pinning.
This vulnerability is a stored cross-site scripting (XSS) flaw arising from insufficient sanitization of HTML content within ICS calendar files processed by the Classic Web Client of Zimbra Collaboration Suite versions 9.0, 10.0, and 10.1. The root cause lies in the improper handling of embedded JavaScript triggered by the ontoggle event inside the <details> HTML tag when rendering ICS file contents in email messages. This flaw affects the email rendering component responsible for displaying calendar invitations and related ICS data.
This vulnerability is an information disclosure issue caused by improper handling of sensitive data within the Windows NTFS logging mechanism. Specifically, sensitive information is inserted into log files without adequate protection or sanitization. The flaw resides in the logging component of Microsoft Windows 10 versions 1507, 1607, and 1809, affecting both x64 and x86 architectures, allowing unauthorized physical access to retrieve sensitive data from logs.
This vulnerability is an improper access control flaw within Microsoft Power Pages, specifically affecting the user registration control mechanism. The root cause lies in the failure to enforce proper authorization checks on registration-related network requests, enabling unauthorized privilege escalation. The affected component is the registration control feature of Power Pages that manages user sign-up and access permissions.
This vulnerability is an authenticated file read flaw in Palo Alto Networks PAN-OS software, specifically affecting the management web interface component. The root cause lies in improper access control allowing an authenticated user with network access to read arbitrary files on the PAN-OS filesystem that are accessible by the "nobody" user. The flaw arises from insufficient restrictions on file read operations within the management interface's authentication context.
This vulnerability is an authentication bypass caused by improper validation of Security Fabric proxy requests in Fortinet FortiOS and FortiProxy products. The flaw arises from the acceptance of crafted CSF proxy requests that exploit knowledge of upstream and downstream device serial numbers. The affected component is the Security Fabric integration feature, which fails to enforce proper authentication controls between devices, enabling unauthorized privilege escalation.
This vulnerability is an authorization bypass caused by improper state management within Apple iOS and iPadOS. The flaw affects the USB Restricted Mode feature on locked devices, allowing physical manipulation to disable its protections. The root cause lies in insufficient enforcement of authorization checks controlling USB access state transitions under locked conditions.
This vulnerability is a post-authentication command injection affecting the legacy DSL CPE Zyxel VMG4325-B10A firmware. The root cause lies in improper input validation within the management command interface accessible via Telnet, allowing injection of arbitrary OS commands. The affected component is the firmware's management command processing module, which fails to sanitize user-supplied input before execution.
This vulnerability is a post-authentication command injection affecting the CGI program within the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615. The root cause lies in insufficient input validation of HTTP POST parameters, allowing crafted input to be interpreted as operating system commands. The affected component is the device's web-based management interface handling CGI requests.
The vulnerability is an improper file upload control in Advantive VeraCore versions prior to 2024.4.2.1, specifically involving the upload.aspx component. The root cause is insufficient validation of the destination directory during file upload operations, allowing authenticated users to place files into arbitrary folders. This flaw affects the web application's file handling mechanism, enabling manipulation of file storage paths beyond intended restrictions.
This vulnerability is a pre-authentication deserialization flaw rooted in improper handling of untrusted data within the SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC). The deserialization process fails to validate or sanitize input before reconstructing objects, enabling arbitrary code execution through crafted serialized payloads. The affected components include the SMA1000 management interfaces responsible for processing serialized data from remote connections.
This vulnerability is a remote code execution flaw rooted in improper handling of user-supplied input that allows unsafe evaluation of code within the Craft CMS environment. The vulnerability arises when the security key, which is used for cryptographic operations and integrity checks, has been compromised. The affected component is the Craft CMS versions 4 and 5 prior to specific patched releases, where the compromised key enables exploitation of the code evaluation mechanism.
This vulnerability is a path traversal and arbitrary file upload flaw rooted in improper validation of zip archive contents within the SimpleHelp remote support software. The server component responsible for handling admin-uploaded zip files fails to sanitize file paths inside the archive, enabling crafted zip entries to escape intended directories. This zip slip flaw affects versions 5.5.7 and earlier, specifically the file upload processing logic in the administrative interface.