306 matches found
CVE-2026-25933 Arduino App Lab has Improper Data Validation in Internal Terminal Interface
Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in the Terminal component of the arduino-app-lab application. The issue stems from insufficient sanitization and validation of input data received from connected hardware devices,...
Anritsu ShockLine code-related vulnerabilities
Anritsu ShockLine is a series of vector network analyzers produced by Anritsu Corporation in Japan. Anritsu ShockLine has a code vulnerability that stems from the lack of validation of data provided by users during the parsing of CHX files. This vulnerability may lead to the deserialization of...
PT-2026-3351
The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for unauthenticated...
Quill is vulnerable to XSS via HTML export feature
A lack of data validation vulnerability in the HTML export feature in Quill allows Cross-Site Scripting (XSS). This issue affects Quill: 2.0.3...
UBUNTU-CVE-2025-15275
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-12840
CVE-2025-12840 affects Academy Software Foundation OpenEXR. The issue is a heap-based buffer overflow in EXR file parsing caused by a lack of proper validation of the length of user-supplied data before copying to a heap buffer, enabling remote code execution when a user opens a malicious EXR fil...
Tencent HunyuanDiT Code Issue Vulnerability
Tencent HunyuanDiT is a diffusion model from Tencent China. A code issue vulnerability exists in Tencent HunyuanDiT that stems from a lack of validation of user-supplied data in the modelresume function, which could lead to deserialization of untrusted data and remote code execution...
Tencent Hunyuan3D-1 Code Issue Vulnerability
Tencent Hunyuan3D-1 is an industrial-grade 3D generated large model from Tencent, a Chinese company. A code issue vulnerability exists in Tencent Hunyuan3D-1, which stems from a lack of validation of user-supplied data in the loadpretrained function, which could lead to deserialization of untrust...
Tencent MedicalNet Code Issue Vulnerability
Tencent MedicalNet is a deep learning pre-trained model library designed for 3D medical imaging by Tencent China. A code issue vulnerability exists in Tencent MedicalNet that stems from a lack of validation of user-supplied data in the generatemodel function, which could lead to deserialization o...
Hugging Face Transformers Code Issue Vulnerability
Hugging Face Transformers is a Hugging Face open source framework for defining state-of-the-art machine learning models covering textual, visual, audio, and multimodal models for inference and training. A code issue vulnerability exists in Hugging Face Transformers that stems from a lack of...
Tencent TFace Code Issue Vulnerability
Tencent TFace is a deep learning research platform focusing on face recognition from China's Tencent. Tencent TFace suffers from a code issue vulnerability that stems from a lack of validation of user-supplied data in eval endpoints, which could lead to deserialization of untrustworthy da...
Tencent FaceDetection-DSFD Code Issue Vulnerability
Tencent FaceDetection-DSFD is a face detection algorithm from Tencent, a Chinese company. Tencent FaceDetection-DSFD suffers from a code issue vulnerability that stems from a lack of validation of user-supplied data at resnet endpoints, which could lead to deserialization of untrusted data and...
Hugging Face Diffusers Code Issue Vulnerability
Hugging Face Diffusers is a Python software library open-sourced by Hugging Face. A code issue vulnerability exists in Hugging Face Diffusers that stems from a lack of validation of user-supplied data when parsing checkpoints in CogView4, which could lead to deserialization of untrusted data and...
Academy Software Foundation OpenEXR Security Vulnerability
Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...
Hugging Face Accelerate Code Issue Vulnerability
Hugging Face Accelerate is a lightweight tool library for Python open sourced by Hugging Face. A code issue vulnerability exists in Hugging Face Accelerate that stems from a lack of validation of user-supplied data when parsing checkpoints, which could lead to deserialization of untrusted data an...
CVE-2025-9558 Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start
There is a potential OOB Write vulnerability in the gen_prov_start function in pbadv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size...
Apple macOS WindowServer Excessive Iteration Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WindowServer component. The issue results from the lack of proper validati...
EUVD-2021-20985
Malware in sbrugna...
EUVD-2020-0312
Malware in sbrugna...
CVE-2025-58582
If a user tries to log in but the provided credentials are incorrect, a log is created. The data for this POST request is not validated, and it’s possible to send giant payloads which are then logged...