CVE-2025-10883

A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2025-10887

A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2025-10883

A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2025-10889

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2025-10882

AA maliciously crafted XT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVE-2025-10882

AA maliciously crafted XT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVE-2025-66449 ConvertX has Path Traversal that leads to Arbitrary File Write and Arbitrary Code Execution

ConvertXis a self-hosted online file converter. In versions prior to 0.16.0, the endpoint /upload allows an authenticated user to write arbitrary files on the system, overwriting binaries and allowing code execution. The upload function takes file.name directly from user supplied data without doi...

SEIKO EPSON Web Config 安全漏洞

SEIKO EPSON Web Config is a web configuration page from SEIKO EPSON Japan. A security vulnerability exists in SEIKO EPSON Web Config that originates from a stack buffer overflow and could lead to the execution of arbitrary code...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from a memory corruption when parsing a specially crafted MODEL file, which could lead to the execution of arbitrary code in the current process...

PT-2025-51375

Name of the Vulnerable Software and Affected Versions SEIKO EPSON Web Config affected versions not specified Description A stack-based buffer overflow issue exists in SEIKO EPSON Web Config. A logged-in user providing specially crafted data can potentially execute arbitrary code. Recommendations ...

Fickling 代码问题漏洞

Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. A code issue vulnerability exists in versions of Fickling prior to 0.1.6, which stems from a lack of security checks in the marshal and types modules and could lead to the execution of arbitrary code...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from an out-of-bounds write when parsing a specially crafted MODEL file, which could result in a crash, data corruption, or execution of arbitrary code in the...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from an out-of-bounds read when parsing a specially crafted CATPRODUCT file, which could result in a crash, read sensitive data, or execute arbitrary code...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from a memory corruption when parsing specially crafted PRT files, which could lead to arbitrary code execution...

FreePBX 代码问题漏洞

FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A code issue vulnerability exists in FreePBX versions prior to 16.0.45 and prior to 17.0.24, which stems from an...

ROS-20251216-7315

A vulnerability in the ssh component of the OpenSSH cryptographic protection tool is related to incorrect processing of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from an out-of-bounds read when parsing a specially crafted SLDPRT file, which could result in a crash, read sensitive data, or execute arbitrary code...

ConvertX 安全漏洞

ConvertX is a file format conversion tool from ConvertX, Inc. A security vulnerability exists in ConvertX versions prior to 0.16.0 that stems from the upload function not cleaning up filenames, which could lead to arbitrary files being written and arbitrary code being executed...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that stems from a memory corruption when parsing specially crafted SLDPRT files, which could lead to arbitrary code execution...

Advantech SUSI 安全漏洞

Advantech SUSI is a set of embedded system interface management tools from Advantech, Taiwan, China. A security vulnerability exists in Advantech SUSI 5.0.24335 and prior versions, which stems from improper access control and could lead to elevation of privilege and arbitrary code execution...