234 matches found
UBUNTU-CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid remove_bufs when legacy fileio is active. vb2_ioctl_remove_bufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
EUVD-2018-8152
Malware in sbrugna...
EUVD-2018-20502
Malware in sbrugna...
EUVD-2021-16964
Malware in sbrugna...
EUVD-2007-0663
Malware in sbrugna...
EUVD-2023-54363
Malicious code in bioql PyPI...
EUVD-2025-30948
Malicious code in bioql PyPI...
EUVD-2022-29994
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-9035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField in...
CVE-2025-54492
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. This...
CVE-2010-20114
VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This fla...
Malicious code in omega-cms-lf-ng-md-file-input (npm)
The package omega-cms-lf-ng-md-file-input was found to contain malicious code...
MAL-2025-28210 Malicious code in omega-cms-lf-ng-md-file-input (npm)
The package omega-cms-lf-ng-md-file-input was found to contain malicious code...
EyouCMS Security Vulnerability
EyouCMS is an open source content management system (CMS) based on ThinkPHP by China Eyou Eyou. A security vulnerability exists in EyouCMS version 1.7.3, which originates from improper neutralization of index.php input and may lead to cross-site scripting attacks...
CVE-2024-26540
A heap-based buffer overflow in CImg before 3.3.3 can occur via a crafted file to cimg_library::CImg::load_analyze...
CVE-2024-37794
Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input file...
CVE-2023-28102
discordrb is an implementation of the Discord API using Ruby. In discordrb before commit 91e13043ffa the encoder.rb file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly...
Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint
In open-webui version 0.3.8, the endpoint `/models/upload` is vulnerable to arbitrary file write due to improper handling of user-supplied filenames. The vulnerability arises from the usage of `file_path = f"{UPLOAD_DIR}/{file.filename}"` without proper input validation or sanitization. An attacker can...
Online Notice Board System 1.0 Arbitrary File Upload
Title: Online Notice Board System project 1.0 Remote File Upload Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozil...
TOTOLINK A3700R Security Vulnerability
The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3700R suffers from a buffer overflow vulnerability that originates from the File parameter in the UploadCustomModule function failing to properly validate the length and size of the input data, which ca...