PT-2025-22877 · Assimp +1 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A vulnerability was found in the Open Asset Import Library Assimp, affecting the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The...

PT-2025-22922 · Unknown +1 · Nfwchk.Exe +2

Name of the Vulnerable Software and Affected Versions: Wondershare Filmora version 14.5.16 Description: A critical vulnerability has been found in Wondershare Filmora, affecting some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The...

PT-2025-22917 · Pypi · Pypickle

Name of the Vulnerable Software and Affected Versions: erdogant pypickle versions 1.1.5 and earlier Description: A critical issue affects the Save function of the file pypickle/pypickle.py, leading to improper authorization. The manipulation requires a local attack, and the exploit has been...

PT-2025-22884 · Assimp +1 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Assimp version 5.4.3 Description: A vulnerability was found in the Open Asset Import Library Assimp. It has been rated as problematic. The issue affects the function MDLImporter::ImportUVCoordinate 3DGS MDL345 of the file...

PT-2025-22932 · Assimp +1 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A vulnerability was found in Open Asset Import Library Assimp. It has been declared as problematic. Affected by this vulnerability is the function HL1MDLLoader::validate header of th...

PT-2025-22934

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp version 5.4.3 Description A vulnerability has been found in Open Asset Import Library Assimp, affecting the function MDLImporter::ParseSkinLump 3DGS MDL7 of the file...

PT-2025-22915 · Humansignal · Label-Studio-Ml-Backend

Name of the Vulnerable Software and Affected Versions: HumanSignal label-studio-ml-backend versions up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf Description: A vulnerability has been found in the function load of the file label-studio-ml-backend/label studio ml/examples/yolo/utils/neural nets.p...

Deserialization of Untrusted Data

Overview inspiremusic is an InspireMusic: A Fundamental Music, Song and Audio Generation Framework and Toolkits Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the load function in the file cli/model.py. An attacker can manipulate internal data...

GHSA-PGP9-G5Q8-J3WP FunAudioLLM InspireMusic deserialization vulnerability

A vulnerability was found in FunAudioLLM InspireMusic up to bf32364bcb0d136497ca69f9db622e9216b029dd. It has been classified as critical. Affected is the function loadstatedict of the file inspiremusic/cli/model.py of the component Pickle Data Handler. The manipulation leads to deserialization. A...

FunAudioLLM InspireMusic deserialization vulnerability

A vulnerability was found in FunAudioLLM InspireMusic up to bf32364bcb0d136497ca69f9db622e9216b029dd. It has been classified as critical. Affected is the function loadstatedict of the file inspiremusic/cli/model.py of the component Pickle Data Handler. The manipulation leads to deserialization. A...

CVE-2025-5148

A vulnerability was found in FunAudioLLM InspireMusic up to bf32364bcb0d136497ca69f9db622e9216b029dd. It has been classified as critical. Affected is the function loadstatedict of the file inspiremusic/cli/model.py of the component Pickle Data Handler. The manipulation leads to deserialization. A...

CVE-2025-5148

A vulnerability was found in FunAudioLLM InspireMusic up to bf32364bcb0d136497ca69f9db622e9216b029dd. It has been classified as critical. Affected is the function loadstatedict of the file inspiremusic/cli/model.py of the component Pickle Data Handler. The manipulation leads to deserialization. A...

CVE-2025-5148

FunAudioLLM InspireMusic (up to commit bf32364bcb0d136497ca69f9db622e9216b029dd) contains a deserialization vulnerability in the Pickle Data Handler. Specifically, the load_state_dict function in inspiremusic/cli/model.py is exploitable via crafted input, enabling local deserialization manipulati...

CVE-2022-31807

The CVE-2022-31807 entry affects Building X – Security Manager Edge Controller (ACC-AP) and related Siemens products. The underlying issue is improper verification of firmware update integrity, enabling either a local attacker to upload a malicious firmware or a remote attacker to modify firmware...

CVE-2025-0222

A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be...

CVE-2025-0529

A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The...

CVE-2025-0221

A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached...

CVE-2025-0797

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The manipulation leads to incorrect default permissions. The attack needs to be...

CVE-2025-0733

A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVE-2025-0720

A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the component Folder Watch List Handler. The manipulation leads to stack-based buffer...