205643 matches found
CVE-2025-65086
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...
CVE-2026-44262
Scramble generates API documentation for Laravel project. From 0.13.2 to before 0.13.22, when documentation endpoints are publicly accessible and validation rules reference user-controlled input, request supplied data may be evaluated during documentation generation, leading to execution of...
CVE-2026-44011
Craft CMS is a content management system CMS. From 4.0.0 to before 4.17.12 and 5.9.18, Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server. The request-controlled...
CVE-2025-65087
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed...
CVE-2025-65086
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed...
CVE-2025-65086
The CVE-2025-65086 entry describes an Out-of-Bounds Write vulnerability in Ashlar-Vellum products Cobalt, Xenon, Argon, Lithium, and Cobalt Share, affected in version 12.6.1204.216 and earlier. The issue arises during parsing of a specially crafted VC6 file, allowing an attacker to execute arbitr...
CVE-2026-31254
The flash-attention project thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains a code injection vulnerability CWE-94 in its training script. The script registers the Python eval function as a Hydra configuration resolver under the name eval. This allows configuration files t...
CVE-2026-31253
The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...
CVE-2026-44858
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...
CVE-2026-44859
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...
CVE-2026-44857
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...
CVE-2026-34690
The CVE-2026-34690 entry describes a Stack-based Buffer Overflow in Adobe After Effects Versions 26.0, 25.6.4 and earlier that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). No concrete remediation d...
CVE-2026-34690
After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34690 After Effects | Stack-based Buffer Overflow (CWE-121)
After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Deserialization of Untrusted Data
Overview ludwig is a Declarative machine learning: End-to-end machine learning pipelines using data-driven configurations. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the model serving process. An attacker can execute arbitrary code on the system by...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper bounds checking in memory operations. An attacker can execute arbitrary code or escalate privileges by supplying crafted input to the affected process. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper bounds checking in memory operations. An attacker can execute arbitrary code or escalate privileges by supplying crafted input to the affected process. Remediation Upgrade...
CVE-2026-34683
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34682
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34684
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...