104 matches found
CVE-2026-52751
Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a malicious project file with a ghidra:// URL that, when opened via File → Open Project, deserializes...
CVE-2026-52751 Ghidra < 12.1 - Remote Code Execution via Unfiltered RMI Deserialization in Shared Project Connection
Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a malicious project file with a ghidra:// URL that, when opened via File → Open Project, deserializes...
CVE-2026-45555
Roslyn CodeLens MCP Server is a Roslyn-based MCP server providing semantic code intelligence for .NET codebases. From 0.0.9 to 1.17.0, the getdiagnostics MCP tool loads and executes all DiagnosticAnalyzer assemblies referenced by the target solution without any allowlist, signature check, or user...
openSUSE 16 Security Update : kdenlive (openSUSE-SU-2026:20723-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20723-1 advisory. Changes in kdenlive: - CVE-2026-45184: Fixed a remote code execution through opening a malicious project file boo1264711. Tenable has extracted the...
OPENSUSE-SU-2026:20723-1 Security update for kdenlive
This update for kdenlive fixes the following issues: Changes in kdenlive: - CVE-2026-45184: Fixed a remote code execution through opening a malicious project file boo1264711...
EUVD-2026-23430
In JetBrains Junie before 252.549.29 command execution was possible via malicious project file...
CVE-2026-41153
In JetBrains Junie before 252.549.29 command execution was possible via malicious project file...
CVE-2026-41153
In JetBrains Junie before 252.549.29 command execution was possible via malicious project file...
CVE-2026-41153
CVE-2026-41153 affects JetBrains Junie prior to 252.549.29. Affected component is the project file handling, enabling command execution via a malicious project file. Public sources (PT-2026-33457) recommend updating to version 252.549.29 or later as a remediation. CVSS data in the initial record ...
CVE-2026-41153
In JetBrains Junie before 252.549.29 command execution was possible via malicious project file...
PT-2026-33457
Name of the Vulnerable Software and Affected Versions JetBrains Junie versions prior to 252.549.29 Description Command execution is possible through the use of a malicious project file. Recommendations Update to version 252.549.29 or later...
CVE-2023-7343 Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File
Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...
CVE-2026-1286
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
EUVD-2026-10571
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
EUVD-2026-10572
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
EUVD-2026-10566
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file...
EUVD-2026-10565
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
CVE-2026-1286
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file...