Lucene search
K

13 matches found

NVD
NVD
added 2026/03/13 7:53 p.m.5 views

CVE-2026-0957

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

8.5CVSS0.00229EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/27 9:30 a.m.8 views

Quick-Media Batik Codec FIX package has Code Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...

5.3CVSS5.9AI score0.00401EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/09/12 6:5 a.m.6 views

CVE-2025-6454

Removed by vendor...

8.8CVSS5.8AI score0.00645EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/04 6:23 p.m.4 views

CVE-2025-57778

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a...

8.5CVSS7.8AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/11 6:36 p.m.2 views

CVE-2025-7677 DOS attack possible

A denial-of-service DoS attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT...

8.2CVSS6.2AI score0.0031EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.7 views

PT-2025-6202 · Siemens · Simatic Ipc Diagmonitor +1

Name of the Vulnerable Software and Affected Versions: SIMATIC IPC DiagBase All versions SIMATIC IPC DiagMonitor All versions Description: A vulnerability has been identified where the affected devices do not properly restrict user permissions for the registry key. This could allow an authenticat...

7.3CVSS7.5AI score0.0014EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/10/14 12:0 a.m.16 views

QPDF Command Injection Vulnerability

QPDF is a software application. A C++ library and a set of programs to inspect and manipulate the structure of PDF files. A security vulnerability exists in all versions of QPDF, which stems from the inability of the encrypt method to filter parameters, resulting in a command injection...

9.8CVSS7.5AI score0.02079EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/08/15 12:0 a.m.42 views

CVE-2023-35082

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier. Recent assessments: sfewer-r7 at...

10CVSS9.8AI score0.99999EPSS
In wildExploits14References3
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.5 views

PT-2023-20498 · Unknown · Node-Static

Name of the Vulnerable Software and Affected Versions: @node-static versions all node-static versions all Description: The issue arises from improper file path sanitization in the startsWith method within the servePath function, leading to Directory Traversal. This allows attackers to access file...

7.5CVSS7.2AI score0.01445EPSS
Exploits1References10
CNNVD
CNNVD
added 2022/04/15 12:0 a.m.3 views

Seowon 130-SLC router 安全漏洞

Seowon 130-SLC router is a router from Seowon, South Korea. A security vulnerability exists in all versions of the Seowon 130-SLC router from September 15, 2021, which stems from the queriesCnt parameter being susceptible to remote code execution...

9.8CVSS8.8AI score0.05818EPSS
Exploits1References2
OSV
OSV
added 2022/04/11 8:15 p.m.4 views

CVE-2022-22571

An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions...

4.8CVSS5.8AI score0.00908EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.5 views

Incapptic Connect 跨站脚本漏洞

Incapptic Connect is an application plugin. A security vulnerability exists in Incapptic Connect that, due to incorrect output encoding in Incapptic Connect, allows an authenticated, elevated privileged user to perform a stored XSS attack and affects all current versions...

4.8CVSS5.2AI score0.00908EPSS
Exploits0References3
NVD
NVD
added 2021/07/28 4:15 p.m.12 views

CVE-2021-23416

This affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input...

6.1CVSS0.00793EPSS
Exploits1References2
Rows per page
Query Builder