Lucene search

838 matches found

AlpineLinux
added 2025/11/20 4:38 p.m. | 5 views

CVE-2025-12120

Lite XL versions 2.1.8 and prior automatically execute the .liteproject.lua file when opening a project directory, without prompting the user for confirmation. The .liteproject.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow...

CVSS 7.3 | AI score 7.9 | EPSS 0.00034
Exploits: 1 | References: 2

CVE
added 2025/11/12 10:8 p.m. | 5 views

CVE-2011-10034

CVE-2011-10034 affects IRAI AUTOMGEN up to version 8.0.0.7 (also 8.022). The issue is a use-after-free in project file handling: freeing an object then dereferencing a stale pointer when processing certain malformed fields. This dangling-pointer scenario enables an attacker to influence an indire...

CVSS 6.9 | AI score 7.5 | EPSS 0.00771
Exploits: 0 | References: 3

Cvelist
added 2025/11/12 10:8 p.m. | 6 views

CVE-2011-10034 IRAI AUTOMGEN <= 8.0.0.7 Use-After-Free Remote DoS

AUTOMGEN versions up to and including 8.0.0.7 also referenced as 8.022 contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an...

CVSS 6.9 | EPSS 0.00771
Exploits: 0 | References: 3

OSV
added 2025/11/12 4:47 p.m. | 1 views

MAL-2025-155900 Malicious code in ican-poke23 (npm)

Source: amazon-inspector 9bff3d3ae7cc9acba1782d8ce836464dfbfdf25e260114f7da8c9a36ab7d4350 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.8
Exploits: 0

Positive Technologies
added 2025/11/12 12:0 a.m. | 1 views

PT-2025-46725

AUTOMGEN versions up to and including 8.0.0.7 also referenced as 8.022 contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an...

CVSS 6.9 | AI score 7.9 | EPSS 0.00771
Exploits: 0 | References: 4

CNNVD
added 2025/11/12 12:0 a.m. | 0 views

IRAI Automgen Security Vulnerability

IRAI Automgen is a general-purpose automation software workbench from IRAI France. A security vulnerability exists in IRAI Automgen version 8.0.0.7 and prior versions, which originates from a use-after-free issue in project file handling that could result in a denial of service or remote code...

CVSS 6.9 | AI score 7.8 | EPSS 0.00771
Exploits: 0 | References: 5

OSSF Malicious Packages
added 2025/11/11 10:56 p.m. | 1 views

Malicious code in mute_tern_z3n (npm)

Source: amazon-inspector 9f17f8bae7c44e5dfab5abe30de89768d27051561438bd3a88812feb1add8302 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.9
Exploits: 0

OSV
added 2025/11/11 3:19 p.m. | 1 views

MAL-2025-117016 Malicious code in serious_mollusk_z3n (npm)

Source: amazon-inspector f7b9634360adf6462319daa7f8e34b19df02fdc805bcfde00da78c965dc3cafd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.8
Exploits: 0

OSV
added 2025/11/11 12:17 a.m. | 1 views

MAL-2025-64703 Malicious code in oktafian-gepuk80-sluey (npm)

Source: amazon-inspector 7bdbcb845bb5a80065804364342b7ab922887fd527b872c8aba40bd8a1ddbc2a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.8
Exploits: 0

OSSF Malicious Packages
added 2025/11/10 6:2 p.m. | 2 views

Malicious code in legislative_tiglon_z3n (npm)

Source: amazon-inspector fb9b3026fd21555a1d30b2ec705ca30368bee7f3c08f751d587a2e7d19b8ba3b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.9
Exploits: 0

RedhatCVE
added 2025/11/05 10:4 p.m. | 4 views

CVE-2025-54496

A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execute arbitrary code...

CVSS 8.4 | AI score 7.8 | EPSS 0.00027
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/05 10:4 p.m. | 4 views

CVE-2025-54526

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVSS 8.4 | AI score 7.9 | EPSS 0.00027
Exploits: 0 | References: 1

OSV
added 2025/11/04 10:16 p.m. | 3 views

CVE-2025-54526

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVSS 8.4 | AI score 6.3 | EPSS 0.00027
Exploits: 0 | References: 3

OSV
added 2025/11/04 10:16 p.m. | 3 views

CVE-2025-54496

A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execute arbitrary code...

CVSS 8.4 | AI score 6.2 | EPSS 0.00027
Exploits: 0 | References: 3

NVD
added 2025/11/04 10:16 p.m. | 4 views

CVE-2025-54526

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVSS 8.4 | EPSS 0.00027
Exploits: 0 | References: 3

CVE
added 2025/11/04 9:37 p.m. | 17 views

CVE-2025-54526

CVE-2025-54526 concerns Fuji Electric Monitouch V-SFT-6/V-SFT with a stack-based buffer overflow in parsing crafted project/V7 files, leading to remote code execution. ZDI advisories describe the flaw as a lack of proper validation of the length of user-supplied data before copying it into a fix...

CVSS 8.4 | AI score 7.3 | EPSS 0.00027
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2025/11/04 9:37 p.m. | 3 views

CVE-2025-54526 Fuji Electric Monitouch V-SFT-6 Stack-based Buffer Overflow

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVSS 8.4 | AI score 7.3 | EPSS 0.00027
Exploits: 0 | References: 3

Cvelist
added 2025/11/04 9:37 p.m. | 5 views

CVE-2025-54526 Fuji Electric Monitouch V-SFT-6 Stack-based Buffer Overflow

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVSS 8.4 | EPSS 0.00027
Exploits: 0 | References: 3

Vulnrichment
added 2025/11/04 9:36 p.m. | 2 views

CVE-2025-54496 Fuji Electric Monitouch V-SFT-6 Heap-based Buffer Overflow

A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execute arbitrary code...

CVSS 8.4 | AI score 7.2 | EPSS 0.00027
Exploits: 0 | References: 3

ICS
added 2025/11/04 7:0 a.m. | 3 views

Fuji Electric Monitouch V-SFT-6 (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive...

CVSS 8.4 | AI score 8.1 | EPSS 0.00027
Exploits: 0 | References: 10