23151 matches found
PT-2025-14102 · Autodesk · Autodesk Navisworks
Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks affected versions not specified Description: The issue arises from a maliciously crafted DWFX file being parsed through Autodesk Navisworks, leading to a Memory Corruption vulnerability. This can be exploited by a maliciou...
Autodesk Navisworks 缓冲区错误漏洞
Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks that originates from parsing a specially crafted DWFX file resulting in memory corruption that could...
The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against internet attacks, the FortiPAM account management system, the FortiWeb network gateway for web applications, and the FortiSRA software for secure remote access, allow attackers to execute arbitrary code or commands.
The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against Internet attacks, the FortiPAM account management system, the FortiWeb web application firewall, and the FortiSRA software for secure remote access are related to insufficient...
CVE-2025-24199
An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause a denial-of-service...
CVE-2025-24199
An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...
CVE-2025-24199
An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...
CVE-2025-24199
An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause a denial-of-service...
CVE-2025-24199
CVE-2025-24199 describes an uncontrolled format string issue in macOS components that is fixed by Apple in macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The root cause relates to insufficient input validation, with the public description noting that an application may be able...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
IOT_hack
IOTha...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
ALSA-2025:3388 Important: python-jinja2 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from an uncontrolled format string that could result in a denial of service...
OESA-2025-1336 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for formatcount earlier While the check for formatcount 64 in drmuniversalplaneinit shouldn't be hit it's a WARNON, in its current...
DEBIAN-CVE-2025-2925
A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...
AZL-59383 CVE-2025-2924 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. The manipulation of the argument freeblock leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The...
AZL-59391 CVE-2025-2914 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...
DEBIAN-CVE-2025-2915
A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5Faccumfree of the file src/H5Faccum.c. The manipulation of the argument overlapsize leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...
DEBIAN-CVE-2025-2914
A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...
UBUNTU-CVE-2025-2913
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...