16 matches found

CVE
added 2026/04/01 1:34 p.m., 12 views

CVE-2026-34430

CVE-2026-34430 affects ByteDance DeerFlow versions before commit 92c7a20. A sandbox escape exists in the bash tool handling, allowing an attacker to bypass regex-based validation via shell features (e.g., directory changes, relative paths) and exploit incomplete shell semantics modeling to read/m...

CVSS 9.6, AI score 6.2, EPSS 0.004
Exploits: 0, References: 3, Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2023-48125

Malicious code in bioql PyPI...

CVSS 8.7, AI score 8.6, EPSS 0.00435
Exploits: 0, References: 1
Positive Technologies
added 2025/09/22 12:0 a.m., 9 views

PT-2025-38730

Name of the Vulnerable Software and Affected Versions: AiKaan Cloud Controller (affected versions not specified). Description: The AiKaan Cloud Controller utilizes a single, hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an...

CVSS 9.8, AI score 6.6, EPSS 0.00397
Exploits: 0, References: 3
BDU FSTEC
added 2025/07/21 12:0 a.m., 14 views

The vulnerability of the Microsoft Visual Studio Code Python Extension, related to breach of confidentiality boundaries, allows the attacker to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio Code Python Extension is related to a breach of trust boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 7.8, AI score 5.8, EPSS 0.00398
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2025/07/14 12:0 a.m., 5 views

The vulnerability in the Transport Driver Interface (TDI) driver of Microsoft Windows operating systems allows a malicious actor to disclose protected information.

The vulnerability of the Transport Driver Interface (TDI) driver in Microsoft Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protecte...

CVSS 5.5, AI score 5.7, EPSS 0.00446
Exploits: 0, References: 2
OSV
added 2025/07/11 12:17 p.m., 3 views

OESA-2025-1755 mod_security security update

Security Fixes: A vulnerability was found in OWASP ModSecurity 2.9.8/2.9.10 and classified as critical. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary...

CVSS 6.5, AI score 6.8, EPSS 0.00346
Exploits: 0, References: 2
ATTACKERKB
added 2025/05/07 10:15 p.m., 1 view

CVE-2025-31644

When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacke...

CVSS 8.7, AI score 7.4, EPSS 0.26055
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2025/05/07 10:15 p.m., 7 views

CVE-2025-31644

When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacke...

CVSS 8.5, AI score 7.5
Exploits: 0, References: 1
BDU FSTEC
added 2024/07/05 12:0 a.m., 5 views

The vulnerability of the VMware ESXi hypervisor, related to memory-walking, allows an attacker to trigger a service failure.

The vulnerability of the VMware ESXi hypervisor is related to reading beyond the memory boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 6.8, AI score 7.4, EPSS 0.0019
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2023/11/14 12:0 a.m., 6 views

The vulnerability of the _bfd_stab_section_find_nearest_line function in the syms.c component of the GNU Binutils development environment allows an attacker to cause a service failure.

The vulnerability of the _bfd_stab_section_find_nearest_line function in the syms.c component of the GNU Binutils development environment is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to trigger a service failur...

CVSS 7.8, AI score 7, EPSS 0.01326
Exploits: 1, References: 9, Affected Software: 4
BDU FSTEC
added 2023/07/14 12:0 a.m., 6 views

The vulnerability of the FortiOS operating systems and the FortiProxy proxy server, related to the breach of the buffer boundary, allows attackers to execute arbitrary code by sending specially crafted SSL packets.

The vulnerability of the FortiOS operating systems and the FortiProxy proxy server for protecting against Internet attacks is related to a breach of the buffer boundary. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code by sending specially crafted SS...

CVSS 10, AI score 8.6, EPSS 0.01873
Exploits: 0, References: 2, Affected Software: 2
OSV
added 2023/01/17 7:40 p.m., 8 views

GSD-2023-1001636 media: vivid: fix compose size exceed boundary

media: vivid: fix compose size exceed boundary This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

AI score 7.2
Exploits: 0
BDU FSTEC
added 2022/06/29 12:0 a.m., 7 views

The vulnerability of the Application Visibility and Control (AVC-FNF) function in the Cisco IOS XE operating system of Cisco Catalyst 9800 and 9800-CL for Cloud controller devices allows an intruder to trigger a service failure.

The vulnerability of the Application Visibility and Control AVC-FNF function in the Cisco IOS XE operating system of Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers is related to a breach of the buffer’s initial boundary. Exploiting this vulnerability can allow an attacker ...

CVSS 8.6, AI score 6.6, EPSS 0.01437
Exploits: 0, References: 4, Affected Software: 1
BDU FSTEC
added 2021/10/13 12:0 a.m., 7 views

The vulnerability of the WebKit component of the iOS operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the WebKit component of the iOS operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted website...

CVSS 9.3, AI score 8.4, EPSS 0.66788
Exploits: 9, References: 5, Affected Software: 1
OSV
added 2020/10/02 9:15 p.m., 2 views

CVE-2020-5983

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of...

CVSS 7.1, AI score 7.3, EPSS 0.00322
Exploits: 0, References: 1
NVD
added 2003/08/27 4:0 a.m., 25 views

CVE-2003-0699

The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700...

CVSS 7.5, AI score 6.3, EPSS 0.01961
Exploits: 0, References: 4