An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file. [CVSS 8.8 HIGH]
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace. [CVSS 7.8 HIGH]
Remote code execution in Wavlink WL-NU516U1 firmware through a stack-based buffer overflow in the nas.cgi User1Passwd parameter allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilter.cgi endpoint that allow attackers to inject malicious scripts. [CVSS 7.2 HIGH]
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. [CVSS 7.2 HIGH]
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. [CVSS 7.2 HIGH]
Arbitrary plugin installation in WowRevenue for WordPress (versions up to 2.1.3) allows authenticated subscribers to bypass capability checks and install malicious plugins, potentially enabling remote code execution on vulnerable sites. The vulnerability requires only low-privilege user access and network connectivity, affecting WordPress instances running the vulnerable plugin without an available patch.
Heap buffer overflow in libvpx affects Firefox and Thunderbird across multiple versions, enabling remote code execution when a user interacts with malicious content. An unauthenticated attacker can exploit this vulnerability over the network without special privileges to achieve complete system compromise including data theft and integrity violations. No patch is currently available, making this a critical risk for affected users.
ENOVIAvpm Web Access versions 1.16 through 1.19 contain a reflected XSS vulnerability that allows authenticated attackers to inject and execute arbitrary JavaScript in a victim's browser session through a crafted URL. The vulnerability requires user interaction to trigger but can lead to session hijacking, credential theft, or malware distribution across the affected organization. No patch is currently available, requiring organizations to implement network-level mitigations or restrict access until a fix is released.
Intelbras VIP 3260 Z IA devices running firmware 2.840.00IB005.0.T contain a weak password recovery mechanism in the /OutsideCmd functionality that allows remote attackers with high technical sophistication to potentially compromise authentication controls. The vulnerability carries a CVSS score of 8.1 and currently lacks a patch, requiring organizations to implement compensating controls or consider alternative solutions until remediation is available.
Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 via out-of-bounds write in EPRT file parsing allows local attackers to gain code execution when opening malicious files. The vulnerability requires user interaction and affects both confidentiality, integrity, and availability. No patch is currently available.
Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 results from an out-of-bounds read flaw in EPRT file processing, enabling attackers to compromise systems by tricking users into opening malicious files. The vulnerability affects local users with no privilege requirements and carries a high severity rating, though no patch is currently available.
Solidworks Edrawings versions up to 2025 contains a vulnerability that allows attackers to execute arbitrary code while opening a specially crafted EPRT file (CVSS 7.8).
Remote command injection in yued-fe LuLu UI through version 3.0.0 allows unauthenticated attackers to execute arbitrary OS commands via the child_process.exec function in run.js. The vulnerability requires no user interaction and can be exploited over the network, potentially leading to complete system compromise. No patch is currently available from the vendor.
Arbitrary code execution in Mattermost Desktop App through version 6.2.0 results from insufficient validation of help menu links, enabling a malicious server administrator to execute arbitrary executables on affected users' systems when they click specially crafted help items. This vulnerability affects multiple versions including 5.2.13.0 and 6.0, requiring user interaction and authenticated server access to exploit. No patch is currently available for this HIGH severity vulnerability.
Heap buffer overflow in Perl's Crypt::URandom module (versions 0.41-0.54) allows denial of service through integer wraparound when negative length values are passed to the crypt_urandom_getrandom() XS function, causing heap corruption and application crashes. The vulnerability requires direct control over the length parameter, limiting real-world exploitability in typical usage scenarios where this value is hardcoded. No patch is currently available for affected users.
Stack buffer overflow in Wavlink WL-NU516U1 firmware up to version 130/260 allows authenticated remote attackers to achieve code execution via a malformed firmware_url parameter to /cgi-bin/adm.cgi. Public exploit code exists for this vulnerability and the vendor has not provided a patch despite early notification. The high CVSS score (7.2) reflects the severity of unauthenticated remote code execution risk, though exploitation currently requires high-level privileges.
SmarterTools SmarterMail before 9526 allows XSS via MAPI requests. [CVSS 7.2 HIGH]
Total VPN 0.5.29.0 on Windows contains an unquoted search path vulnerability in win-service.exe that allows local attackers with low privileges to achieve code execution through path manipulation. The vulnerability requires high attack complexity and local access, but no patch is currently available from the vendor.
Flos Freeware Notepad2 versions 4.2.22 through 4.2.25 contain an uncontrolled search path vulnerability in Msimg32.dll that allows local attackers with user-level privileges to achieve code execution and system compromise. Exploitation requires high complexity and local access, but successful attacks can result in complete system confidentiality, integrity, and availability breaches. No patch is currently available, and the vendor has not responded to disclosure attempts.