F5 BIG-IP 日志信息泄露漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a vulnerability related to log information leakage, which stems from...

EUVD-2025-201851

Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud Financials General Ledger, an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could...

CVE-2025-11797 DWG File Parsing Use-After-Free Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

EUVD-2025-25034

Malicious code in bioql PyPI...

Exploit for CVE-2025-31125

🔐 Vite/Vue JS Exploitation Toolkit =============================...

Linux Distros Unpatched Vulnerability : CVE-2024-23791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects...

CVE-2025-5046 DGN File Parsing Out-of-Bounds Read Vulnerability

A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A security vulnerability exists in Autodesk AutoCAD that originates from parsing a malicious specially crafted CATPRODUCT file that could result in uninitialized variables, which could cause a...

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from the possibility of local users reading...

SAP BusinessObjects Business Intelligence Platform 代码注入漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP, combining market-leading SAP data integration products, data management products and business intelligence products to eliminate system integration challenges and quickly and easily deploy...

PT-2025-11201 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue arises when a maliciously crafted CATPRODUCT file is parsed through Autodesk AutoCAD, leading to an Uninitialized Variable vulnerability. This can be exploited by a...

Puppeteer Security Vulnerabilities

Puppeteer is a web page renderer by the individual developer Yeongjin Lee. A security vulnerability exists in puppeteer-renderer v.3.2.0 and earlier versions that could allow an attacker to read sensitive information from the server using the URL parameter of the file protocol...

CVE-2024-23125

A maliciously crafted SLDPRT file when parsed ODXSWDLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

SUSE CVE-2023-35947

Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A security vulnerability exists in Autodesk AutoCAD version 2023, which originates from a maliciously crafted XB file that can be used to write to an unallocated buffer, resulting in a stack...

CVE-2021-40497

SAP BusinessObjects Analysis edition for OLAP - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its...

HashiCorp Terraform Encryption Issues Vulnerabilities

HashiCorp Terraform is an open source tool for provisioning and managing cloud infrastructure from HashiCorp, USA. An encryption issue vulnerability exists in HashiCorp Terraform versions prior to 0.12.17 that stems from the program's use of HTTP to transfer sensitive information, which can be...

Mozilla Firefox ESR Security Advisories (MFSA2019-09, MFSA2019-14) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

CVE-2016-0373

IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119...

Code execution vulnerability in cms made simple backend file copying

CMS Made Simple is an open source content management system. It is built using PHP and Smarty Engine , which separates content , functionality and templates . A code execution vulnerability exists in cms made simple version 2.2.7 when performing file copying in the background, which can be...