21 matches found
SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths
Overview SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2026-33253 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
CVE-2026-33253
SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. registers Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2026-33253
creationtimestamp| type| source ---|---|--- 2026-03-25 03:00:00+00:00| seen| https://jvn.jp/en/jp/JVN90835713/...
fast-whisper-diarizer (>=0.1.2 <=0.1.32), faster-whisper-hotkey (>=0.2.7 <=0.4.3) +10 more potentially affected by CVE-2025-33253 via nemo-toolkit (>=2.0.0rc0 <=2.5.3)
nemo-toolkit PYPI version =2.0.0rc0, =0.1.2, =0.2.7, =1.0.0, =0.0.1, =0.0.1, =0.1.1, =0.1.0, =1.0.0, =1.0.7 Source cves: CVE-2025-33253 Source advisory: SNYK:PYTHON-NEMOTOOLKIT-15325663...
CVE-2025-33253
creationtimestamp| type| source ---|---|--- 2026-02-18 14:18:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf5bi3a7bc2s 2026-02-18 14:18:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf5biuzxew25...
CVE-2025-33253
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...
CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames...
EUVD-2025-33253
Memory corruption while processing an escape call...
CVE-2024-33253
Cross-site scripting XSS vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function...
CVE-2024-33253
Cross-site scripting XSS vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function...
CVE-2024-33253
Cross-site scripting XSS vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function...
CVE-2024-33253
Cross-site scripting XSS vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function...
CVE-2024-33253
Cross-site scripting XSS vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function...
CVE-2023-33253
creationtimestamp| type| source ---|---|--- 2023-06-12 16:39:50+00:00| seen| https://t.me/cibsecurity/65133...
CVE-2023-33253
LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remote low-privileged user can upload an executable PHP file and execute system commands. The vulnerability is in the message function, and is due to insufficient validation of the file such as shell.jpg.php.shell being...
CVE-2023-33253
LabCollector 6.0–6.15 is affected by CVE-2023-33253. The issue is in the message function and stems from insufficient validation of uploaded files (e.g., shell.jpg.php.shell), allowing an authenticated remote low-privileged user to upload an executable PHP file and execute system commands (remote...
Exploit for Unrestricted Upload of File with Dangerous Type in Agilebio Labcollector
CVE-2023-33253 LabCollector 6.0 though 6.15 allows remote cod...
CVE-2022-33253
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames...
CVE-2022-33253 Buffer over-read in WLAN
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames...
CVE-2022-33253
CVE-2022-33253 describes a transient Denial of Service caused by a buffer over-read in WLAN when parsing corrupted NAN frames. The initial description and multiple sources consistently reference a WLAN/NAN parsing bug that leads to DoS, with CVSS information indicating a Local vector (NVD) and a ...