120932 matches found

CNNVD
added 2026/02/04 12:0 a.m. | 10 views

Autodesk 3ds Max Buffer Error Vulnerability

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. Autodesk 3ds Max has a buffer error vulnerability, which stems from memory corruption during the parsing of specially crafted RGB files. This vulnerability may allow for the execution of arbitrary code...

CVSS 8.4 | AI score 6.2 | EPSS 0.00172
Exploits: 0 | References: 3

Positive Technologies
added 2026/02/04 12:0 a.m. | 5 views

PT-2026-6017

Name of the Vulnerable Software and Affected Versions: Autodesk 3ds Max (affected versions not specified). Description: A specially designed project directory, when used to open a max file in Autodesk 3ds Max, may allow for the execution of arbitrary code with the privileges of the current process. Th...

CVSS 7.8 | AI score 6 | EPSS 0.00182
Exploits: 0 | References: 4

CNNVD
added 2026/02/04 12:0 a.m. | 9 views

Autodesk 3ds Max Security Vulnerability

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max, which stems from a stack buffer overflow issue during the parsing of specially crafted GIF files. This vulnerability may allow for the execution of...

CVSS 8.4 | AI score 6.2 | EPSS 0.00188
Exploits: 0 | References: 3

CVE
added 2026/02/04 12:0 a.m. | 14 views

CVE-2025-69621

CVE-2025-69621 affects Comic Book Reader v1.0.95. The vulnerability is an arbitrary file overwrite in the file import process, which could allow overwriting critical internal files and potentially lead to arbitrary code execution or exposure of sensitive information. Provided connected sources co...

CVSS 8.1 | AI score 6.2 | EPSS 0.00481
Exploits: 0 | References: 4

CNNVD
added 2026/02/04 12:0 a.m. | 8 views

Langroid Code Injection Vulnerability

Langroid is an open-source tool developed using multi-agent programming for LLM tasks. Versions of Langroid prior to 0.59.32 had a code injection vulnerability. This vulnerability stemmed from a bypass in the TableChatAgent’s invocation of the pandaseval tool, which could allow arbitrary code to ...

CVSS 9.6 | AI score 6.8 | EPSS 0.00648
Exploits: 1 | References: 3

Positive Technologies
added 2026/02/04 12:0 a.m. | 4 views

PT-2026-6014

Name of the Vulnerable Software and Affected Versions: Autodesk Arnold (affected versions not specified), Autodesk 3ds Max (affected versions not specified). Description: A specially designed USD file can cause an Out-of-Bounds Write issue when opened or imported into Autodesk Arnold or Autodesk 3ds Max...

CVSS 7.8 | AI score 5.6 | EPSS 0.0021
Exploits: 0 | References: 5

AlmaLinux
added 2026/02/04 12:0 a.m. | 7 views

Important: python3.12-wheel security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 7.1 | AI score 5.7 | EPSS 0.00278
Exploits: 2 | References: 4

CNNVD
added 2026/02/04 12:0 a.m. | 5 views

Docker Desktop Security Vulnerability

Docker Desktop is a desktop software from the American company Docker, designed for lightweight application deployment using container technology. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...

CVSS 6.7 | AI score 6.9 | EPSS 0.00196
Exploits: 0 | References: 5

Positive Technologies
added 2026/02/04 12:0 a.m. | 8 views

PT-2026-6266

Name of the Vulnerable Software and Affected Versions: n8n versions prior to 2.4.8. Description: n8n is a workflow automation platform. A flaw in the Python Code node allows authenticated users to bypass the Python sandbox and run code outside the intended security limits. The vulnerability allows f...

CVSS 9.9 | AI score 6.3 | EPSS 0.00526
Exploits: 0 | References: 12

OSV
added 2026/02/04 12:0 a.m. | 4 views

ALSA-2026:1902 Important: python-wheel security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 7.1 | AI score 5.3 | EPSS 0.00278
Exploits: 2 | References: 4

Tenable Nessus
added 2026/02/04 12:0 a.m. | 11 views

Notepad++ < 8.8.9 Update Integrity Verification Vulnerability

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain a vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download and execute an attacker-controll...

CVSS 7.7 | AI score 6.5 | EPSS 0.01268
Exploits: 0 | References: 2

OSV
added 2026/02/04 12:0 a.m. | 4 views

ALSA-2026:1939 Important: python3.12-wheel security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 7.1 | AI score 5.7 | EPSS 0.00278
Exploits: 2 | References: 4

Tenable Nessus
added 2026/02/04 12:0 a.m. | 6 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Emacs vulnerabilities (USN-8011-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8011-1 advisory. It was discovered that Emacs could trigger unsafe Lisp macro expansion, when a user invoked elisp-completion-at-point on untrust...

CVSS 8.8 | AI score 8.2 | EPSS 0.02679
Exploits: 0 | References: 3

Tenable Nessus
added 2026/02/04 12:0 a.m. | 3 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Pagure vulnerabilities (USN-7984-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7984-1 advisory. Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links in Git repositories. A remote attacker could possibl...

CVSS 9.8 | AI score 6 | EPSS 0.00849
Exploits: 2 | References: 5

CNNVD
added 2026/02/04 12:0 a.m. | 8 views

Movable Type Security Vulnerability

Movable Type is a content management system developed by Movable Type Inc. There is a security vulnerability in Movable Type, which stems from CSV files generated when is entered; these files may contain malicious code, potentially allowing arbitrary code to execute on the user’s system...

CVSS 6.5 | AI score 7 | EPSS 0.00216
Exploits: 0 | References: 4

Tenable Nessus
added 2026/02/04 12:0 a.m. | 5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : GNU C Library vulnerabilities (USN-8005-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8005-1 advisory. Vitaly Simonovich discovered that the GNU C Library did not properly initialize the input when...

CVSS 8.4 | AI score 7.2 | EPSS 0.00564
Exploits: 1 | References: 5

OSV
added 2026/02/03 11:16 p.m. | 4 views

CVE-2026-24512

A security issue was discovered in ingress-nginx where the rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note tha...

CVSS 8.8 | AI score 6.3
Exploits: 0 | References: 1

Vulnrichment
added 2026/02/03 10:17 p.m. | 4 views

CVE-2026-24512 ingress-nginx auth-method nginx configuration injection

A security issue was discovered in ingress-nginx where the rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note tha...

CVSS 8.8 | AI score 6.5 | EPSS 0.00501
Exploits: 1 | References: 1

ATTACKERKB
added 2026/02/03 10:16 p.m. | 5 views

CVE-2026-1580

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to t...

CVSS 8.8 | AI score 6.3 | EPSS 0.00485
Exploits: 0 | References: 2

OSV
added 2026/02/03 10:16 p.m. | 3 views

CVE-2020-37072

Victor CMS 1.0 contains a stored cross-site scripting vulnerability in the 'commentauthor' POST parameter that allows attackers to inject malicious scripts. Attackers can submit crafted JavaScript payloads through the comment submission form to execute arbitrary code in victim browsers...

CVSS 6.1 | AI score 6 | EPSS 0.00234
Exploits: 1 | References: 3