11 matches found
USN-8221-1: wheel vulnerability
It was discovered that wheel did not correctly handle certain file paths. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to execute arbitrary code...
EUVD-2026-21635
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
EUVD-2026-10565
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file...
CVE-2025-61833
Substance3D - Stager versions 3.1.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...
CVE-2025-54274 Substance3D - Viewer | Stack-based Buffer Overflow (CWE-121)
Substance3D - Viewer versions 0.25.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
EUVD-2025-24484
Malicious code in bioql PyPI...
USN-7062-1 libgsf vulnerabilities
It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...
snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...
CVE-2022-34220
Adobe Acrobat Reader versions 22.001.20142 and earlier, 20.005.30334 and earlier and 17.012.30229 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in th...
CVE-2022-28243
Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...
Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)
Updated emacs packages fix security vulnerabilities : Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent...