CVE-2026-12897

Horner Automation Cscape shows an Out-of-Bounds Read vulnerability in versions prior to 10.2 SP3, caused by parsing CSP files. The issue can lead to information disclosure and arbitrary code execution. Affected product: Horner Automation Cscape. Root cause: improper handling during CSP file parsi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: fio (UTSA-2026-016798)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016798 advisory. A NULL pointer dereference vulnerability exists in fio Flexible I/O Tester v3.41 when parsing job files containing the fdppli option. The callback function strfdppli...

CVE-2026-30656

A NULL pointer dereference vulnerability exists in fio Flexible I/O Tester v3.41 when parsing job files containing the fdppli option. The callback function strfdpplicb does not validate the input pointer and calls strdup on a NULL value when the option is specified without an argument. This resul...

CVE-2026-30656

A NULL pointer dereference vulnerability exists in fio Flexible I/O Tester v3.41 when parsing job files containing the fdppli option. The callback function strfdpplicb does not validate the input pointer and calls strdup on a NULL value when the option is specified without an argument. This resul...

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to write arbitrary data beyond the bounds of a stack-allocated buffer, leading to the corruption of a structured exception handler SEH. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

CVE-2022-37374

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVE-2025-66585

In AzeoTech DAQFactory release 20.7 Build 2555, a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process...

CVE-2025-40936

A vulnerability has been identified in PS/IGES Parasolid Translator Component All versions V29.0.258, Simcenter Femap All versions V2512.0003, Solid Edge All versions V226.00 Update 03. The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS file...

CVE-2025-40936

A vulnerability has been identified in PS/IGES Parasolid Translator Component All versions V29.0.258, Solid Edge All versions V226.00 Update 03. The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS files. This could allow an attacker to crash...

CVE-2025-61798

Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...

EUVD-2021-21590

Malware in sbrugna...

EUVD-2021-21538

Malware in sbrugna...

EUVD-2018-21572

Malware in sbrugna...

EUVD-2022-37241

Malicious code in bioql PyPI...

EUVD-2022-37245

Malicious code in bioql PyPI...

EUVD-2024-19646

Malicious code in bioql PyPI...

EUVD-2022-35170

Malicious code in bioql PyPI...

EUVD-2022-37249

Malicious code in bioql PyPI...

EUVD-2022-37238

Malicious code in bioql PyPI...

Dassault Systèmes eDrawings Viewer PAR File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...