Memory corruption in libxml2's processing of schematron sch:name elements allows remote attackers to trigger crashes or potentially execute code via maliciously crafted XML files. Affects widespread deployments including Red Hat Enterprise Linux 7-10, OpenShift Container Platform 4.12-4.20, Ubuntu, and Debian distributions. CVSS 9.1 critical severity with network-exploitable vector requiring no authentication. Publicly available exploit code exists (POC confirmed). EPSS score of 0.49% suggests relatively low observed exploitation attempts despite critical rating. Not listed in CISA KEV, indicating no confirmed mass exploitation campaigns at time of analysis. Vendor patches available across all affected Red Hat products with specific versions documented.
Use-after-free in libxml2 XPath parsing allows remote attackers to crash applications via malicious XML Schematron documents. The vulnerability (CVSS 9.1) affects widespread Red Hat ecosystem products including RHEL 7-10 and OpenShift 4.12-4.20, with vendor patches available. Public exploit code exists but CISA KEV does not list active exploitation. EPSS score of 0.11% (30th percentile) suggests low observed exploitation probability despite critical CVSS rating and POC availability, indicating targeted research interest rather than mass exploitation.
Conda-build versions prior to 25.4.0 are vulnerable to path traversal (Tarslip) attacks that allow unauthenticated remote attackers to write arbitrary files outside intended extraction directories by crafting malicious tar archives with directory traversal sequences. This critical vulnerability (CVSS 9.8) affects all users and systems utilizing conda-build for package compilation, with potential for privilege escalation and code execution depending on target file locations and system permissions.
Critical stack-based buffer overflow vulnerability in D-Link DIR-632 firmware version FW103B08, affecting the HTTP POST request handler's get_pure_content function. An unauthenticated remote attacker can exploit this via a malicious Content-Length header to achieve complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code exists for this end-of-life product, creating immediate risk for any remaining deployed instances.
Critical remote buffer overflow vulnerability in UTT 进取 750W network devices affecting the /goform/setSysAdm API endpoint. An unauthenticated remote attacker can exploit improper use of strcpy() in the passwd1 parameter to achieve complete system compromise (confidentiality, integrity, and availability). A public proof-of-concept exploit exists, and the vendor has not provided patches or response despite early disclosure notification.
Critical arbitrary code execution vulnerability in conda-build prior to version 25.4.0, where unsafe eval() function usage on meta.yaml recipe selectors allows unauthenticated remote attackers to execute arbitrary code during the package build process with no required privileges or user interaction. This vulnerability affects all users and systems using vulnerable conda-build versions to process potentially malicious or compromised recipe files, with a CVSS score of 9.8 indicating critical severity across confidentiality, integrity, and availability impacts.
Conda-build versions prior to 25.3.0 are vulnerable to dependency confusion/namespace squatting attacks where an attacker can claim the unpublished 'conda-index' package on PyPI and inject malicious code that gets installed when users run pip install on conda-build projects. This is a critical supply-chain attack vector with CVSS 9.8 (CRITICAL) affecting all users who install conda-build from source or install projects that depend on it via pip, potentially compromising developer environments and CI/CD pipelines. The vulnerability is network-accessible, requires no privileges or user interaction, and provides complete system compromise (confidentiality, integrity, availability).
Critical permissions bypass vulnerability in Google Chrome OS 16181.27.0 that allows local attackers to disable extensions and gain unauthorized access to Developer Mode on managed Chrome devices. The vulnerability is exploited using the ExtHang3r and ExtPrint3r tools to load arbitrary extensions, affecting enterprise-managed deployments with a CVSS score of 9.8 (critical severity). Active exploitation status and proof-of-concept availability should be verified through CISA KEV and security advisories.
Server-Side Template Injection (SSTI) vulnerability in the chat feature of Citrix Remote Support (RS) and Privileged Remote Access (PRA) that enables unauthenticated remote code execution with a critical CVSS score of 9.8. The vulnerability affects the chat messaging functionality across both products with no authentication or user interaction required, allowing attackers to execute arbitrary code on affected systems. This is a critical severity issue requiring immediate patching.
A path traversal vulnerability in Liferay Portal 7.0.0 (CVSS 9.8) that allows remote attackers. Critical severity with potential for significant impact on affected systems.
Critical unauthenticated SQL injection vulnerability in HAMASTAR Technology's WIMP website co-construction management platform that allows remote attackers to execute arbitrary SQL commands without authentication. Attackers can exploit this flaw to read, modify, or delete entire database contents, potentially compromising sensitive project management data, user credentials, and financial information. With a CVSS score of 9.8 and no authentication required, this vulnerability presents an immediate and severe threat to all deployed instances of the WIMP platform.
Buffer overflow vulnerability in the Apache NuttX RTOS xmlrpc example application where device statistics structures use hardcoded buffer sizes that do not account for the CONFIG_XMLRPC_STRINGSIZE configuration parameter, allowing remote attackers to overflow memory without authentication. This affects Apache NuttX RTOS versions 6.22 through 12.8.x, with a critical CVSS score of 9.8 indicating high severity across confidentiality, integrity, and availability. The vulnerability is particularly dangerous because developers may have copied the vulnerable example code into production implementations, extending the attack surface beyond the example application itself.
A buffer overflow vulnerability (CVSS 9.8). Critical severity with potential for significant impact on affected systems.
Critical permission vulnerability in the BoomPlayer mobile application (com.afmobi.boomplayer) that allows unauthenticated remote attackers to perform unauthorized operations with complete compromise of confidentiality, integrity, and availability. The vulnerability carries a maximum CVSS score of 9.8 and is classified as an improper authentication/authorization defect (CWE-287); exploitation requires no user interaction and can be triggered over the network, making it a severe risk to all users of this application.
A remote code execution vulnerability (CVSS 9.1). Critical severity with potential for significant impact on affected systems.
A remote code execution vulnerability (CVSS 9.1). Critical severity with potential for significant impact on affected systems.