Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 673— Search: RCE×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
SourceCodester Best House Rental Management System V1.0 SQL Injection Vulnerability
vuldb.com · 2025-11-09

- **Title**: SourceCodester Best House Rental Management System V1.0 SQL Injection - **Description**: - SQL injection vulnerability in the "delete_house" function of the "/admin_class.php" file. - Ins…

Read more
CMS Security Advisory: 5 CVEs including RCE, SQLi, and Info Disclosure
xibosignage.com · 2025-11-09

### Critical Vulnerability Information #### Vulnerability Overview - **Security Advisory**: 5 issues affecting CMS - **Release Date**: May 30, 2023 - **Recommended Upgrade Versions**: 2.3.17 or 3.3.5 …

Read more
Open WebUI CVE-2025-64495 Stored DOM XSS Leading to RCE
github.com · 2025-11-09

### Key Information - **Vulnerability Type**: Stored DOM XSS - **Trigger Condition**: When the "Insert Prompt as Rich Text" feature is enabled, the vulnerability is triggered by inserting malicious HT…

Read more
Unrestricted File Upload Vulnerability in Online Note Platform V1.0 Leading to RCE
github.com · 2025-11-09

## Critical Vulnerability Summary ### Affected Product - Online note-sharing platform ### Version - V1.0 ### Vulnerability Type - Unrestricted Upload ### Root Cause - In the `userprofile.php` file, in…

Read more
CVE-2025-12487: oobabooga text-generation-webui trust_remote_code RCE Vulnerability
www.zerodayinitiative.com · 2025-11-09

## Vulnerability Key Information - **Vulnerability Name**: oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability - **ZDI ID**: ZDI-25-982 -…

Read more
Apple Watch Security Update: WebKit RCE and Kernel Privilege Escalation Fixes
support.apple.com · 2025-11-09

- Released: December 6, 2018 - Available for: Apple Watch Series 1 and later ### Vulnerabilities Summary #### Airport - **Impact**: Malicious app can elevate privileges - **Description**: Memory handl…

Read more
ClickHouse 7 RCE/DoS Vulnerabilities Analysis (CVE-2021-43304, etc.)
jfrog.com · 2025-11-09

## Critical Vulnerability Information **7 RCE and DoS Vulnerabilities Found in ClickHouse DBMS** **Date**: March 15, 2022 **Author**: Oriya Yavniveli, JFrog Security Research Team Leader ### Vulnerabi…

Read more
WebFileExplorer 3.1 SQL Injection Auth Bypass leading to RCE
www.exploit-db.com · 2025-11-09

### Key Information - **Vulnerability Details** - **Vulnerability Name**: WebFileExplorer 3.1 - Authentication Bypass - **EDB-ID**: 8382 - **CVE**: - 2009-1323 - 2009-1314 - **Author**: OSIRYS - **Typ…

Read more
iOS/iPadOS 16.7.3 Security Update: Fixes for WebKit RCE, Kernel Privilege Escalation, and 11 CVEs
support.apple.com · 2025-11-09

### Key Information - **Release Version**: iOS 16.7.3 and iPadOS 16.7.3 - **Release Date**: December 11, 2023 #### Vulnerability Details | Vulnerability | Impact | Description | |---------------|-----…

Read more
PHP Live Helper <= 2.0.1 Multiple Vulnerabilities Advisory (SQLi/RCE)
securityreason.com · 2025-11-09

## Key Information - **Vulnerability Title**: PHP Live Helper <= 2.0.1 Multiple Vulnerabilities - **Risk Level**: High - **Vulnerability Type**: Multiple Vulnerabilities - **CVE ID**: CVE-2008-3762, C…

Read more
Novell GroupWise gwcls1.dll ActiveX Control RCE Vulnerability (CVE-2012-0439)
www.zerodayinitiative.com · 2025-11-09

## Vulnerability Key Information - **Vulnerability Name**: Novell GroupWise gwcls1.dll ActiveX Control Remote Code Execution Vulnerability - **Vulnerability ID**: ZDI-13-008, ZDI-CAN-1329 - **CVE ID**…

Read more
PowerDNS Recursor Vulnerability Summary: RCE, DoS, Info Disclosure
docs.powerdns.com · 2025-11-09

- Vulnerability Types: - Cache Poisoning: Crafted delegations or IP fragments can poison cached delegations in Recursor - Denial of Service: Multiple advisories related to Denial of Service, including…

Read more
RealNetworks RealPlayer ActiveX Control CDDA URI Uninitialized Pointer RCE (CVE-2010-3747)
www.zerodayinitiative.com · 2025-11-09

## Advisory Details **Vulnerability:** RealNetworks RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Remote Code Execution Vulnerability - **ZDI IDs:** ZDI-10-210, ZDI-CAN-600 - **CVE ID:** C…

Read more
Cacti v1.2.8 Remote Code Execution via Local File Inclusion
gist.github.com · 2025-11-09

From the `cacti-exploit.py` file in this screenshot, the following key information can be obtained: ### Vulnerability Description * **Vulnerability Title**: Cacti v1.2.8 Remote Code Execution (RCE) * …

Read more
Cisco Security Advisory: Multiple Vulnerabilities including RCE, DoS, and Info Disclosure (CVE-2025-20333 etc.)
tools.cisco.com · 2025-11-09

|ADVISORY|IMPACT|CVE|LAST UPDATED|VERSION| |---|---|---|---|---| |Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Exec…

Read more
PDF-XChange Editor U3D Parsing Memory Corruption RCE (CVE-2022-42377)
www.zerodayinitiative.com · 2025-11-09

# PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability **Advisory IDs:** - ZDI-22-1367 - ZDI-CAN-18630 **CVE ID:** - CVE-2022-42377 **CVSS Score:** - 7.8, AV:L/AC:…

Read more
Jenkins Security Advisory: Multiple Plugins Vulnerabilities (RCE/XSS/CSRF)
www.jenkins.io · 2025-11-09

## Jenkins Security Advisory 2023-05-16 ### Affected Plugins - Ansible Plugin - AppSpider Plugin - Azure VM Agents Plugin - CAS Plugin - Code Dx Plugin - Email Extension Plugin - File Parameter Plugin…

Read more
YetiForce 6.4.0 Stored XSS Vulnerability (CVE-2022-3002)
huntr.dev · 2025-11-09

### Critical Vulnerability Information - **CVE**: CVE-2022-3002 (Published) - **Vulnerability Type**: CWE-79: Cross-site Scripting (XSS) - Stored - **Severity**: Medium (5.4) - **Affected Versions**: …

Read more
F5 BIG-IP iControl iCall Authenticated RCE Exploit Module
www.rapid7.com · 2025-11-09

```md ### F5 iControl iCall::Script Root Command Execution #### Key Information - **Disclosure Date:** Sep 3, 2015 - **Creation Date:** May 30, 2018 #### Description This module exploits an authentica…

Read more
Ubuntu USN-3770-2: Little CMS Vulnerabilities Fix (RCE/DoS)
usn.ubuntu.com · 2025-11-09

- **Title**: USN-3770-2: Little CMS vulnerabilities - **Publication Date**: 20 September 2018 - **Overview**: Several security issues were fixed in Little CMS - **Details**: - Pedro Ribeiro discovered…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.