CVE-2025-0514 Executable hyperlink Windows path targets executed unconditionally on activation

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 before 24.8.5...

CVE-2025-0514 Executable hyperlink Windows path targets executed unconditionally on activation

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 before 24.8.5...

CVE-2025-0514

The CVE-2025-0514 issue in LibreOffice is an improper input validation vulnerability that allows Windows executable hyperlink targets to be executed unconditionally on activation. Affected product: LibreOffice 24.8.x prior to 24.8.5. Underlying cause: improper handling of hyperlink targets within...

DEBIAN-CVE-2024-53878

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service...

DEBIAN-CVE-2024-53871

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service...

DEBIAN-CVE-2024-53876

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service...

DEBIAN-CVE-2024-53875

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service...

UBUNTU-CVE-2024-53878

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service...

CVE-2025-1067

There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the fil...

CVE-2025-1067

There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the fil...

CVE-2025-1068

There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, th...

CVE-2025-1068 There is a code injection vulnerability in Esri ArcGIS AllSource

There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, th...

CVE-2025-1068

CVE-2025-1068 affects Esri ArcGIS AllSource 1.2 and 1.3 (untrusted search path). A low-privilege attacker with write access to the local file system can plant a malicious executable that executes under the victim’s context when a specific ArcGIS AllSource action is performed. The issue is address...

CVE-2025-1067 There is a code injection vulnerability in ArcGIS Pro

There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS ArcGIS Pro, the fil...

CVE-2025-1067

CVE-2025-1067 describes an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4. A low-privileged user with write access to the local filesystem can place a malicious executable that, when a specific ArcGIS Pro action is performed, may execute with the victim’s privileges. The issue...

PT-2025-7928

Name of the Vulnerable Software and Affected Versions LibreOffice versions prior to 24.8.5 Description The issue is related to improper input validation, allowing Windows Executable hyperlink targets to be executed unconditionally when activated. Recommendations For versions prior to 24.8.5, upda...

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview shopxo/shopxo is an e-commerce system. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to insufficient input validation in the ThemeAdminService component. Authenticated attackers wit...

Malicious code in singtok (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20dad294eb5c742d0044f1dde01f51646f0b34a86a7cb86c84547981276f46ce Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...

MAL-2025-191899 Malicious code in tiksing (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef883e1ad19e5cbeafdda023c535abc9a14f84f81dce26e06d9f10bf77013ab5 Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...

MAL-2025-191868 Malicious code in singtok (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20dad294eb5c742d0044f1dde01f51646f0b34a86a7cb86c84547981276f46ce Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...