EUVD-2024-52216
Malicious code in bioql PyPI...
CVE-2025-34045
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/downloadimgage endpoint, where insufficient inpu...
CVE-2025-20001
An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability...
CVE-2024-52726
CRMEB v5.4.0 is vulnerable to Arbitrary file read in the savebasics function which allows an attacker to obtain sensitive information...
CVE-2019-10994
Processing a specially crafted project file in LAquis SCADA 4.3.1.71 may trigger an out-of-bounds read, which may allow an attacker to obtain sensitive information. The attacker must have local access to the system. A CVSS v3 base score of 2.5 has been calculated; the CVSS vector string is...
CVE-2025-30224
MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted...
CVE-2025-2539 File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read...
CVE-2020-6058
An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out-of-bounds memory read, which can result in the disclosure of sensitive information and denial of service. To trigger this...
CVE-2023-20039
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data. This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vulnerability by accessing files in the...
Apple macOS Security Vulnerability
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 13.7, which could allow an attacker to read sensitive information...
CVE-2023-4156
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...
PT-2023-3243 · Datakit · Datakit Crosscadware X64.Dll
Name of the Vulnerable Software and Affected Versions: Datakit CrossCadWare x64.dll (affected versions not specified). Description: The issue is related to an out-of-bounds read past the end of an allocated buffer in the Datakit CrossCadWare x64.dll library when parsing a specially crafted SLDPRT...
Citrix Virtual Apps and Desktops Security Vulnerability
Citrix Systems Citrix Virtual Apps and Desktops is a virtualization software from Citrix Systems that provides virtual desktops and virtual applications for any operating system. A security vulnerability exists in Citrix Virtual Apps and Desktops, which can be exploited by an attacker to bypass...
Linux kernel Security Feature Issue Vulnerability
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which can be exploited by an attacker to bypass restrictions on access to Linux kernel data and open a UDP port via an ICMP error to read sensitive...
Apache Ambari < 2.7.0 Directory Traversal Vulnerability
Apache Ambari is prone to a directory traversal vulnerability. CPE = "cpe:/a:apache:ambari";...
USN-4868-1 libtomcrypt vulnerability
It was discovered that LibTomCrypt incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or read sensitive information...
Google Kubernetes has an unspecified vulnerability
Google Kubernetes is an open source Docker container cluster management system from the U.S. company Google. The system provides resource scheduling, deployment and operation, service discovery, and scaling up and down for containerized applications. A security vulnerability exists in...
ImageMagick <= 7.0.8-49 Multiple Vulnerabilities - Linux
ImageMagick is prone to multiple vulnerabilities...
CVE-2019-1853
A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bounds checks. An attacker...