IServ Schoolserver User Enumeration
IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pg_dump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Security Bulletin: Due to the use of Google Go, IBM Cloud Pak Sys is affected by an infinite loop when unmarshaling certain forms of invalid JSON
Summary Vulnerability in Go used by Cloud Pak System CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which...
EUVD-2025-210422
picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote attackers can embed undetected malicious code in pickle files that executes during deserialization,...
EUVD-2025-210423
Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling...
CVE-2025-71359
The CVE concerns the Python package picklescan prior to version 0.0.29, where the vulnerability lies in deserializing pickle payloads that leverage lib2to3.pgen2.grammar.Grammar.loads within the reduce method. This can enable remote code execution during pickle.load(), by crafting pickle files t...
CVE-2025-71353
CVE-2025-71353 affects picklescan prior to 0.0.28. The root cause is that the tool fails to detect malicious pickle payloads that exploit torch._dynamo.guards.GuardBuilder.get within reduce methods. Attackers can craft pickle files with embedded code that evade detection and trigger arbitrary com...
CVE-2025-71347
The vulnerability concerns picklescan prior to 0.0.33, which fails to detect malicious pickle files that rely on numpy.f2py.crackfortran.param_eval in reduce methods. This allows remote attackers to embed code that executes during deserialization in applications that load untrusted pickle data, e...
EUVD-2025-210413
picklescan before 0.0.33 fails to detect malicious pickle files using the numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary cod...
EUVD-2025-210411
picklescan before 0.0.30 fails to detect malicious pickle files that exploit the lib2to3.pgen2.pgen.ParserGenerator.make_label function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...
CVE-2026-57981
| creationtimestamp | type | source |
|---|---|---|
| 2026-07-04 01:22:12+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mprvjicmpx2e |
| 2026-07-04 04:15:13+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116859765559758505... |
Security Bulletin: Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System [CVE-2024-6119]
Summary Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System. Vulnerability was addressed by IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server...
Security Bulletin: IBM Cloud Pak System is vulnerable to HTML injection[CVE-2023-38007].
Summary IBM Cloud Pak System is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Vulnerability was addressed in IBM Cloud Pak System. Vulnerability...
CVE-2026-58426
| creationtimestamp | type | source |
|---|---|---|
| 2026-07-03 22:16:06+00:00 | seen | https://bsky.app/profile/stackflag.bsky.social/post/3mprl4pas652r |
| 2026-07-04 00:00:38+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116858764503193267 |
| 2026-07-04 00:01:05+00:00 | seen | ... |
CVE-2026-58289
| creationtimestamp | type | source |
|---|---|---|
| 2026-07-03 22:14:04+00:00 | seen | https://bsky.app/profile/stackflag.bsky.social/post/3mprkz3ncbz2e |
| 2026-07-04 02:04:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mprxujsddx25... |
CVE-2026-58523
| creationtimestamp | type | source |
|---|---|---|
| 2026-07-03 21:49:12+00:00 | seen | https://bsky.app/profile/cybernewsroom.bsky.social/post/3mprjmlunko2x |
| 2026-07-03 21:49:13+00:00 | seen | https://bsky.app/profile/potato.software/post/3mprjmmwam72h |
| 2026-07-03 21:49:17+00:00 | seen | ... |
CVE-2026-14617
A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...
CVE-2026-58523
CVE-2026-58523 affects Microsoft Edge for Android. The issue is improper access control that allows an unauthenticated remote attacker to bypass a security feature over a network. The published data indicates a CVSS v3.1 base score of 6.5 (MEDIUM) with Network attack vector, low attack complexity...
CVE-2026-14605
| creationtimestamp | type | source |
|---|---|---|
| 2026-07-03 21:00:39+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mprgvrigd72r |
| 2026-07-03 22:02:56+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mprkf6gjah2i |
| 2026-07-03 22:19:59+00:00 | seen | ... |