Lucene search
K

187 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-49805

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.0036EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25851

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00297EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-32080

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-24492

Malicious code in bioql PyPI...

7.8CVSS6.3AI score0.00287EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-26615

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-50594

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00348EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/19 9:26 p.m.8 views

CVE-2025-7981

Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the targ...

7.8CVSS7.5AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/04 6:23 p.m.5 views

CVE-2025-57776

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially...

8.5CVSS7.8AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/04 6:23 p.m.4 views

CVE-2025-57778

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...

8.5CVSS7.8AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/02 6:12 p.m.6 views

CVE-2025-9189 Out Of Bounds Write when parsing a DSB file with Digilent DASYLab

There is an out of bounds write vulnerability due to improper bounds checking resulting in a large destination address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...

8.5CVSS7.3AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/26 10:48 p.m.1 views

CVE-2025-0082

In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.9AI score0.00085EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.7 views

PT-2025-34599 · Google · Google Cloud Dataform

Name of the Vulnerable Software and Affected Versions: Google Cloud Dataform affected versions not specified Description: A path traversal vulnerability exists in the NPM package installation process of Google Cloud Dataform. A remote attacker can read and write files in other customers'...

10CVSS6.2AI score0.00625EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.12 views

PT-2025-34104

Name of the Vulnerable Software and Affected Versions MJM QuickPlayer version 2010 Description MJM QuickPlayer also known as MJM Player contains a stack-based buffer overflow triggered by opening a malicious .s3m music file. This issue arises from improper bounds checking in the file parser, whic...

8.4CVSS8AI score0.00324EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/08/14 9:14 p.m.10 views

CVE-2025-54203

Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

5.5CVSS6.6AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 5:55 p.m.28 views

CVE-2025-49555

CVE-2025-49555 affects Adobe Commerce/Magento Open Source (versions 2.4.9-alpha1 through earlier) with a Cross-Site Request Forgery (CSRF) vulnerability that can lead to privilege escalation when a user is authenticated. Exploitation requires user interaction (victim visits malicious site or clic...

8.1CVSS7AI score0.0085EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/08 12:0 a.m.6 views

PT-2025-32404 · Photodex · Proshow Producer

Name of the Vulnerable Software and Affected Versions: Photodex ProShow Producer version 5.0.3256 Description: Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in...

8.4CVSS6.8AI score0.00352EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.8 views

Rockwell Automation Arena < 16.20.10 Multiple Vulnerabilities

The version of Rockwell Automation Arena installed on the remote Windows host is prior to 16.20.10. It is, therefore, affected by a multiple vulnerabilities - A memory abuse issue exists in the affected product. A custom file can force Arena Simulation to read and write past the end of memory...

8.4CVSS7.9AI score0.00263EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/08/05 1:37 p.m.6 views

CVE-2025-7025

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose...

8.4CVSS5.9AI score0.00261EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/07/30 7:42 a.m.1 views

MAL-2025-6378 Malicious code in vite-postcss-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3ccfb9649799b2451c498f5d749045e87056e774d48d5463c04488ec58620fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/21 8:15 p.m.2 views

CVE-2025-7264

IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

7.8CVSS6.2AI score0.0022EPSS
Exploits0References1
Rows per page
Query Builder