Citrix NetScaler Out-of-Bounds Read Vulnerability

Omnissa Workspace ONE Server-Side Request Forgery

Craft CMS Code Injection Vulnerability

n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

Aquasecurity Trivy Embedded Malicious Code Vulnerability

Langflow Code Injection Vulnerability

Laravel Livewire Code Injection Vulnerability

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Google Dawn Use-After-Free Vulnerability

Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability

Google Skia Out-of-Bounds Write Vulnerability

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

TrueConf Client Download of Code Without Integrity Check Vulnerability

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

Wing FTP Server Information Disclosure Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability

BentoML: SSTI via Unsandboxed Jinja2 in Dockerfile Generation

Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Apple Multiple Products Improper Locking Vulnerability

Apple Multiple Products Classic Buffer Overflow Vulnerability

Apple Multiple Products Buffer Overflow Vulnerability

libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers

a11y-mcp: Server-Side Request Forgery (SSRF) vulnerability in A11yServer function

Keycloak: Replay of action tokens via improper handling of single-use entries

AVideo: CSRF on Player Skin Configuration via admin/playerUpdate.json.php