Lucene search
K

120961 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.9 views

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from an out-of-bounds read when parsing a corrupted VI file, which could lead to...

8.5CVSS6.4AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW National Instruments LabVIEW version 2025 Q3 and earlier versions, which originates from an out-of-bounds read when parsing a corrupted V...

8.5CVSS6.5AI score0.00132EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2025/12/18 12:0 a.m.5 views

KLA90825 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebGPU can be exploited to cause...

8.8CVSS7.9AI score0.0281EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52242

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions 2025 Q3 25.3 and prior Description A use-after-free issue exists in the sentry span set data function when processing a malformed VI file. Exploitation of this issue could lead to information disclosure or arbitrary code...

8.5CVSS6.9AI score0.00132EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52234

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions prior to 2025 Q3 25.3 Description An out of bounds read issue exists in NI LabVIEW within the VisaWriteFromFile function when processing a corrupted VI file. Exploitation of this issue could lead to information disclosure o...

8.5CVSS6.8AI score0.00132EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.4 views

Mozilla Firefox < 3.0.12

The version of Firefox installed on the remote Windows host is prior to 3.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2009-34 advisory. - The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of...

10CVSS9.1AI score0.1323EPSS
Exploits3References14
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.6 views

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from an out-of-bounds read when parsing a corrupted VI file, which could lead to...

8.5CVSS6.3AI score0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW version 2025 Q3 and prior versions that originates from a stack buffer overflow when parsing a corrupted VI file, which could lead to...

8.5CVSS6.8AI score0.00134EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.10 views

PT-2025-52310

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A reflected cross-site scripting issue exists in Kentico Xperience. Authenticated users can inject malicious scripts into the administration interface. Exploitation allows attackers...

5.4CVSS6.2AI score0.00165EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 146.0.1, which stems from a memory security issue that could lead to memory corruption and execution of arbitrary code...

8.8CVSS6.4AI score0.00208EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2025/12/18 12:0 a.m.5 views

Firefox -- Memory safety bugs

https://bugzilla.mozilla.org/buglist.cgi?bugid=1996570%2C1999700 reports: Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

8.8CVSS7.3AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2025/12/17 11:16 p.m.7 views

CVE-2025-68432

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...

7.7CVSS0.0027EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/17 10:47 p.m.4 views

CVE-2025-68433 Zed IDE MCP Context Server Configuration Arbitrary Code Execution

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Model Context Protocol MCP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious MCP configuration can contain arbitrary shell...

7.7CVSS7.4AI score0.00252EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/17 10:47 p.m.10 views

EUVD-2025-204009

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Model Context Protocol MCP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious MCP configuration can contain arbitrary shell...

7.7CVSS7.3AI score0.00252EPSS
Exploits1References2
OSV
OSV
added 2025/12/17 10:47 p.m.4 views

CVE-2025-68433 Zed IDE MCP Context Server Configuration Arbitrary Code Execution

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Model Context Protocol MCP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious MCP configuration can contain arbitrary shell...

7.7CVSS7.7AI score0.00252EPSS
Exploits1References4
CVE
CVE
added 2025/12/17 10:47 p.m.17 views

CVE-2025-68433

CVE-2025-68433 affects Zed IDE prior to 0.218.2-pre. The vulnerability arises from loading MCP configurations from a project/.zed/settings.json without explicit user confirmation, allowing a malicious MCP to execute arbitrary shell commands on the host with the IDE user’s privileges when a projec...

7.7CVSS7.4AI score0.00252EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/17 10:45 p.m.4 views

CVE-2025-68432 Zed IDE LSP Binary Configuration Arbitrary Code Execution

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...

7.7CVSS7.5AI score0.0027EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/17 10:45 p.m.22 views

CVE-2025-68432 Zed IDE LSP Binary Configuration Arbitrary Code Execution

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...

7.7CVSS0.0027EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/17 10:45 p.m.6 views

EUVD-2025-204010

Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...

7.7CVSS7.3AI score0.0027EPSS
Exploits1References2
CVE
CVE
added 2025/12/17 10:45 p.m.14 views

CVE-2025-68432

Summary: CVE-2025-68432 affects Zed IDE and enables arbitrary code execution by loading LSP configurations from a project’s .zed/settings.json. A malicious LSP entry could execute shell commands with the user’s privileges when a project file with an LSP entry is opened. Affected versions: prior t...

7.7CVSS7.5AI score0.0027EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder