120943 matches found
CVE-2025-70559
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
Victor CMS 跨站脚本漏洞
Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the commentauthor POST parameter, which could all...
CVE-2025-67189
CVE-2025-67189 affects TOTOLINK A950RG, specifically the setParentalRules interface where the urlKeyword parameter is not properly validated. The vulnerability arises from concatenating multiple user-supplied fields into a fixed-size stack buffer without boundary checks, enabling a remote attacke...
Linux Distros Unpatched Vulnerability : CVE-2025-69209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attack...
PT-2026-5948
Name of the Vulnerable Software and Affected Versions Lexmark CX532adwe affected versions not specified Description A type confusion exists within the Postscript interpreter in Lexmark devices. This issue allows an attacker to execute arbitrary code as an unprivileged user. The vulnerability was...
PT-2026-5949
Name of the Vulnerable Software and Affected Versions Lexmark devices affected versions not specified Description An out-of-bounds read issue exists in the Postscript interpreter used in Lexmark devices. An attacker can potentially use this to execute arbitrary code with unprivileged user...
StreamRipper32 安全漏洞
StreamRipper32 is an open-source tool developed by StreamRipper for capturing and saving MP3 files from online radio stations. Version 2.6 of StreamRipper32 contains a security vulnerability, which stems from a buffer overflow in the Station/Song Section component, potentially allowing arbitrary...
Kubernetes ingress-nginx 安全漏洞
Kubernetes ingress-nginx is a Kubernetes entry controller open-sourced by the Cloud Native Computing Foundation. It uses NGINX as a reverse proxy and load balancer. There is a security vulnerability in Kubernetes ingress-nginx; this vulnerability stems from the rules.http.paths.path Ingress field...
LizardSystems LanSend 安全漏洞
LizardSystems LanSend is a local area network message sending tool developed by LizardSystems Corporation. Version 3.2 of LizardSystems LanSend contains a security vulnerability. This vulnerability stems from the addition of a computer wizard file import function that has a buffer overflow issue,...
Roland Cloud Manager 代码问题漏洞
Roland Cloud Manager is a software management platform developed by the Japanese company Roland. Versions of Roland Cloud Manager 3.1.19 and earlier contained code vulnerabilities due to insecure loading of dynamic link libraries. These vulnerabilities could allow attackers to execute arbitrary...
Lexmark多款产品 安全漏洞
The Lexmark CX410, among others, is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is also a multifunctional printer. Several Lexmark products have security vulnerabilities; these vulnerabilities stem fr...
Linux Distros Unpatched Vulnerability : CVE-2025-70559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMa...
ELECOM多款产品 安全漏洞
ELECOM WAB-S600-PS, among others, are products from the Japanese company ELECOM. ELECOM WAB-S600-PS is a wireless access point. ELECOM WAB-S300 is also a wireless access point. ELECOM WAB-S733IW2-PD is a wireless access point device. Several of ELECOM’s products have security vulnerabilities; the...
CVE-2025-70559
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation, allowing an attacker who can place a malicious pickle file in a reachable location to trigger arbitrary...
iccDEV 缓冲区错误漏洞
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.2 contained a buffer error vulnerability. This vulnerability stemmed from the icFixXml function, which, when processing malformed ICC configuration files,...
Lexmark 安全漏洞
Lexmark is a series of printers produced by the American company Lexmark. Several Lexmark products have security vulnerabilities, which stem from relative path traversal in the embedded solution framework, potentially allowing for the execution of arbitrary code. The following products are...
Flexense Disk Sorter Enterprise 代码问题漏洞
Flexense Disk Sorter Enterprise is a file management and disk space analysis software developed by Flexense Corporation. Version 12.4.16 of Flexense Disk Sorter Enterprise contains a code vulnerability. This vulnerability stems from a service path vulnerability in service configurations that lack...
Lexmark多款产品 安全漏洞
The Lexmark CX410, among others, is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is also a multifunctional printer. Several Lexmark products have security vulnerabilities; these vulnerabilities stem fr...
Security update for libsoup (important)
openSUSE security update: security update for libsoup ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20142-1 Rating: important References: bsc1250562 bsc1256399 bsc1256418 Cross-References: CVE-2025-11021 CVE-2026-0716 CVE-2026-0719 CVSS scores:...