Lucene search
+L

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 12:46 p.m.8 views

Security Bulletin:Safe Join Function Vulnerability Fixed in Werkzeug v3.1.6

Summary Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fac...

6.3CVSS5.7AI score0.00556EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 5:4 p.m.6 views

CVE-2026-25359

Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through 3.1.5...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 7:44 p.m.26 views

CVE-2026-21287

CVE-2026-21287 affects Substance3D Stager

7.8CVSS7.3AI score0.0018EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/11 8:43 p.m.5 views

CVE-2025-61835 Substance3D - Stager | Integer Underflow (Wrap or Wraparound) (CWE-191)

Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.3AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 8:43 p.m.10 views

CVE-2025-61834

Adobe Substance3D Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability (CVE-2025-61834) that could allow arbitrary code execution in the context of the current user and requires the victim to open a malicious file. The connected Nessus advisory APSB25-113 references ad...

7.8CVSS7.3AI score0.00226EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28109

Malicious code in bioql PyPI...

10CVSS8.8AI score0.00365EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.5 views

PT-2024-34198 · Unknown · Templately

Name of the Vulnerable Software and Affected Versions: Templately versions 3.1.5 and earlier Description: The issue is related to a Missing Authorization vulnerability in Templately, which allows exploitation due to incorrectly configured access control security levels. Recommendations: For...

6.5CVSS6.5AI score0.00368EPSS
Exploits0References2
Rows per page
Query Builder