Lucene search

306 matches found

Cvelist
added 2026/02/12 7:57 p.m., 30 views

CVE-2026-25933 Arduino App Lab has Improper Data Validation in Internal Terminal Interface

Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in the Terminal component of the arduino-app-lab application. The issue stems from insufficient sanitization and validation of input data received from connected hardware devices,...

CVSS 6.8, EPSS 0.00151
Exploits 0, References 2

CNNVD
added 2026/01/23 12:0 a.m., 8 views

Anritsu ShockLine code-related vulnerabilities

Anritsu ShockLine is a series of vector network analyzers produced by Anritsu Corporation in Japan. Anritsu ShockLine has a code vulnerability that stems from the lack of validation of data provided by users during the parsing of CHX files. This vulnerability may lead to the deserialization of...

CVSS 7.8, AI score 7.4, EPSS 0.00276
Exploits 0, References 1

Positive Technologies
added 2026/01/17 12:0 a.m., 5 views

PT-2026-3351

The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for unauthenticated...

CVSS 5.3, AI score 6, EPSS 0.00312
Exploits 0, References 5

Github Security Blog
added 2026/01/13 9:31 p.m., 11 views

Quill is vulnerable to XSS via HTML export feature

A lack of data validation vulnerability in the HTML export feature in Quill allows Cross-Site Scripting (XSS). This issue affects Quill: 2.0.3...

CVSS 6.1, AI score 6.2, EPSS 0.00221
Exploits 1, References 4, Affected Software 1

OSV
added 2025/12/31 7:15 a.m., 4 views

UBUNTU-CVE-2025-15275

FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 8.8, AI score 7.8, EPSS 0.0058
Exploits 0, References 3

CVE
added 2025/12/23 9:41 p.m., 16 views

CVE-2025-12840

CVE-2025-12840 affects Academy Software Foundation OpenEXR. The issue is a heap-based buffer overflow in EXR file parsing caused by a lack of proper validation of the length of user-supplied data before copying to a heap buffer, enabling remote code execution when a user opens a malicious EXR fil...

CVSS 7.8, AI score 7.7, EPSS 0.00158
Exploits 0, References 1, Affected Software 1

CNNVD
added 2025/12/23 12:0 a.m., 4 views

Tencent HunyuanDiT code issue vulnerability

Tencent HunyuanDiT is a diffusion model from Tencent China. A code issue vulnerability exists in Tencent HunyuanDiT that stems from a lack of validation of user-supplied data in the modelresume function, which could lead to deserialization of untrusted data and remote code execution...

CVSS 7.8, AI score 7.9, EPSS 0.00411
Exploits 0, References 2

CNNVD
added 2025/12/23 12:0 a.m., 3 views

Tencent Hunyuan3D-1 code issue vulnerability

Tencent Hunyuan3D-1 is an industrial-grade 3D generated large model from Tencent, a Chinese company. A code issue vulnerability exists in Tencent Hunyuan3D-1, which stems from a lack of validation of user-supplied data in the loadpretrained function, which could lead to deserialization of untrust...

CVSS 7.8, AI score 7.9, EPSS 0.00417
Exploits 0, References 2

CNNVD
added 2025/12/23 12:0 a.m., 5 views

Tencent MedicalNet code issue vulnerability

Tencent MedicalNet is a deep learning pre-trained model library designed for 3D medical imaging by Tencent China. A code issue vulnerability exists in Tencent MedicalNet that stems from a lack of validation of user-supplied data in the generatemodel function, which could lead to deserialization o...

CVSS 7.8, AI score 8, EPSS 0.00411
Exploits 0, References 2

CNNVD
added 2025/12/23 12:0 a.m., 5 views

Hugging Face Transformers code issue vulnerability

Hugging Face Transformers is a Hugging Face open source framework for defining state-of-the-art machine learning models covering textual, visual, audio, and multimodal models for inference and training. A code issue vulnerability exists in Hugging Face Transformers that stems from a lack of...

CVSS 7.8, AI score 8, EPSS 0.00262
Exploits 0, References 1

CNNVD
added 2025/12/23 12:0 a.m., 4 views

Tencent TFace code issue vulnerability

Tencent TFace is a deep learning research platform focusing on face recognition from China's Tencent. Tencent TFace suffers from a code issue vulnerability that stems from a lack of validation of user-supplied data in eval endpoints, which could lead to deserialization of untrustworthy da...

CVSS 7.8, AI score 7.9, EPSS 0.00411
Exploits 0, References 2

CNNVD
added 2025/12/23 12:0 a.m., 4 views

Tencent FaceDetection-DSFD code issue vulnerability

Tencent FaceDetection-DSFD is a face detection algorithm from Tencent, a Chinese company. Tencent FaceDetection-DSFD suffers from a code issue vulnerability that stems from a lack of validation of user-supplied data at resnet endpoints, which could lead to deserialization of untrusted data and...

CVSS 7.8, AI score 8, EPSS 0.00371
Exploits 0, References 2

CNNVD
added 2025/12/23 12:0 a.m., 7 views

Hugging Face Diffusers code issue vulnerability

Hugging Face Diffusers is a Python software library open-sourced by Hugging Face. A code issue vulnerability exists in Hugging Face Diffusers that stems from a lack of validation of user-supplied data when parsing checkpoints in CogView4, which could lead to deserialization of untrusted data and...

CVSS 7.8, AI score 8, EPSS 0.00315
Exploits 0, References 1

CNNVD
added 2025/12/23 12:0 a.m., 3 views

Academy Software Foundation OpenEXR security vulnerability

Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...

CVSS 7.8, AI score 8, EPSS 0.00158
Exploits 0, References 1

CNNVD
added 2025/12/23 12:0 a.m., 4 views

Hugging Face Accelerate code issue vulnerability

Hugging Face Accelerate is a lightweight tool library for Python open sourced by Hugging Face. A code issue vulnerability exists in Hugging Face Accelerate that stems from a lack of validation of user-supplied data when parsing checkpoints, which could lead to deserialization of untrusted data an...

CVSS 7.8, AI score 8, EPSS 0.00315
Exploits 0, References 1

Cvelist
added 2025/11/26 5:39 a.m., 11 views

CVE-2025-9558 Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start

There is a potential OOB Write vulnerability in the gen_prov_start function in pbadv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size...

CVSS 7.6, EPSS 0.00177
Exploits 0, References 1

Zero Day Initiative
added 2025/11/13 12:0 a.m., 7 views

Apple macOS WindowServer Excessive Iteration Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WindowServer component. The issue results from the lack of proper validati...

CVSS 4.3, AI score 6.5, EPSS 0.00935
Exploits 0, References 1

EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2021-20985

Malware in sbrugna...

CVSS 7.8, AI score 7.5, EPSS 0.01663
Exploits 0, References 3

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2020-0312

Malware in sbrugna...

CVSS 7.1, AI score 6.7, EPSS 0.01382
Exploits 0, References 11

NVD
added 2025/10/06 7:15 a.m., 3 views

CVE-2025-58582

If a user tries to log in but the provided credentials are incorrect, a log is created. The data for this POST request is not validated, and it is possible to send giant payloads, which are then logged...

CVSS 7.5, EPSS 0.00516
Exploits 0, References 6