70 matches found
EUVD-2023-54785
Malicious code in bioql PyPI...
EUVD-2025-8683
Malicious code in bioql PyPI...
EUVD-2025-15012
Malicious code in bioql PyPI...
EUVD-2022-45064
Malicious code in bioql PyPI...
EUVD-2025-20091
Malicious code in bioql PyPI...
CVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertion
A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function runjqtests of the file jqtest.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Othe...
PT-2025-34556
Name of the Vulnerable Software and Affected Versions: FNKvision Y215 CCTV Camera version 10.194.120.40 Description: A security issue has been identified in FNKvision Y215 CCTV Camera. The crypt function within the /etc/passwd file utilizes a weak hash, potentially allowing for local privilege...
CVE-2025-36613
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access...
PT-2025-30193
Name of the Vulnerable Software and Affected Versions Dunamu StockPlus App versions up to 7.62.10 Description A vulnerability exists in Dunamu StockPlus App on Android. The issue involves improper export of android application components due to manipulation of an unknown functionality within the...
CVE-2025-30483
CVE-2025-30483 affects Dell ECS prior to 3.8.1.5 and Dell ObjectScale prior to 4.0.0.0, where an insertion of sensitive information into log files may allow a low-privilege, local attacker to disclose information. The NVD-derived CVSSv3.1 base score is 5.5 (Medium) with LOCAL, LOW complexity, and...
CVE-2025-7564 LB-LINK BL-AC3600 shadow hard-coded credentials
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...
CVE-2025-7067
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed ...
CVE-2025-6496 HTACG tidy-html5 parser.c InsertNodeAsParent null pointer dereference
A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been...
CVE-2025-6490
A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmapsetwithhash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approach...
CVE-2025-6273
The CVE-2025-6273 entry concerns WebAssembly wabt up to 1.0.37. It affects the LogOpcode function in src/binary-reader-objdump.cc, where input manipulation can trigger a reachable assertion. Local access is required, and the exploit has been disclosed publicly; the code maintainer notes the issue...
PT-2025-26226
Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6 Description A critical vulnerability was found in HDF5, affecting the function H5C reconstruct cache entry of the file H5Cimage.c. This issue leads to a heap-based buffer overflow. The exploitation of this...
CVE-2025-36573
Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure...
BIT-PYTORCH-2025-3121 PyTorch torch.jit.jit_module_from_flatbuffer memory corruption
A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...
PT-2025-23003 · Gnu +1 · Gnu Binutils +1
Name of the Vulnerable Software and Affected Versions: GNU Binutils versions up to 2.44 Description: A critical vulnerability has been found in GNU Binutils, affecting the debug type samep function of the objdump component. This issue leads to memory corruption and requires local access to exploi...
CVE-2025-5169
CVE-2025-5169 affects Open Asset Import Library (Assimp) version 5.4.3. The issue is in MDLImporter::InternReadFile_3DGS_MDL345 inside MDLLoader.cpp and causes an out-of-bounds read. Local access is required. The description notes that the exploit has been disclosed publicly and may be used. Ther...