CVE-2025-41712

An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get access to sensitive information on the device. This is a result of incorrect permission assignment for the web server...

EUVD-2025-208470

An unauthenticated remote attacker who tricks a user to upload a manipulated HTML file can get access to sensitive information on the device. This is a result of incorrect permission assignment for the web server...

CVE-2025-60035

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data...

CVE-2025-60038

CVE-2025-60038 affects Rexroth IndraWorks. The vulnerability allows arbitrary code execution when deserializing a manipulated file containing malicious serialized data. Exploitation requires user interaction (opening a specially crafted file), enabling Remote Code Execution on the host applicatio...

PT-2026-1004

Name of the Vulnerable Software and Affected Versions campcodes School File Management System version 1.0 Description A security issue exists in campcodes School File Management System 1.0. The issue involves unrestricted file upload due to manipulation of the File argument within an unknown...

CVE-2025-15129

ChenJinchuang Lin-CMS-TP5

CVE-2025-41700

An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...

CVE-2025-41700

An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...

PT-2025-48432

Name of the Vulnerable Software and Affected Versions CODESYS Development System affected versions not specified Description An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development syste...

CVE-2025-11660

A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this issue is some unknown functionality of the file /assets/uploadSllyabus.php. Such manipulation of the argument File leads to unrestricted upload. The atta...

EUVD-2021-29056

Malicious code in bioql PyPI...

EUVD-2021-8731

Malicious code in bioql PyPI...

EUVD-2022-44413

Malicious code in bioql PyPI...

EUVD-2022-44407

Malicious code in bioql PyPI...

CVE-2022-41187

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object .obj, ObjTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

CVE-2022-41199

Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File .iv, vrml.x3d file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow ...

CVE-2022-41168

Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part .catpart, CatiaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

CVE-2022-39803

Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly .sat, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

CVE-2022-35171

When a user opens manipulated JPEG 2000 .jp2, jp2k.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant...

CVE-2021-21458

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...