120816 matches found
CVE-2025-60786
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file...
PT-2025-51249
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file...
NEWS-BUZZ 安全漏洞
NEWS-BUZZ is a news management system by ANIRBAN DUTTA Individual Developer that allows users to publish and manage a variety of news content. A security vulnerability exists in NEWS-BUZZ version v.1.0, which stems from vulnerability to SQL injection attacks and may lead to the execution of...
Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00020)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that stems from insufficient validation of SCEP client fields, which can be exploited by an attacker to cause execution of arbitrary...
Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00018)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
AzeoTech DAQFactory Use After Release Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a release-after-use vulnerability that originates from a release-after-reuse vulnerability in the parsing of a specially craft...
AzeoTech DAQFactory Buffer Overflow Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a buffer overflow vulnerability that originates from accessing an uninitialized pointer and can be exploited by an attacker to...
CVE-2025-60786
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file...
AzeoTech DAQFactory Stack Buffer Overflow Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a stack buffer overflow vulnerability that originates from a stack buffer overflow when parsing a specially crafted .ctl file,...
PT-2025-51340
Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed PRT file, when processed by certain Autodesk products, can lead to an Out-of-Bounds Read issue. An attacker could exploit this to cause a program crash,...
PT-2025-51344
Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed PRT file, when processed by certain Autodesk products, can lead to a memory corruption issue. An attacker could potentially exploit this to run code without...
Siemens SIMATIC CN 4100 Command Injection Vulnerability
The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. The Siemens SIMATIC CN 4100 suffers from a command injection vulnerability that stems from insufficient validation of REST API input parameters, which can be exploited by an attacker to cause execution of arbitrary code...
AzeoTech DAQFactory Out-of-Bounds Write Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from an out-of-bounds write vulnerability that originates from an out-of-bounds write to a memory buffer, which can be exploited by...
Adobe DNG Software Development Kit (SDK) Input Validation Error Vulnerability
Adobe DNG Software Development Kit SDK is a software development kit from the American company Audobee Adobe. An input validation error vulnerability exists in Adobe DNG Software Development Kit SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an applicati...
CVE-2025-60786
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file...
torch_musa 安全漏洞
torchmusa is an open source repository open-sourced by Moore Threads Corporation. A security vulnerability exists in torchmusa, which stems from unsafe deserialization in torchmusa.utils.comparetool that could lead to the execution of arbitrary code...
Adobe DNG Software Development Kit (SDK) Heap Buffer Overflow Vulnerability
Adobe DNG Software Development Kit SDK is a software development kit from the American company Audobee Adobe. The Adobe DNG Software Development Kit SDK contains a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system or cause an application...
PT-2025-51334
Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed MODEL file can trigger an Out-of-Bounds Write issue when processed by specific Autodesk products. Successful exploitation of this issue could allow an attacker ...
Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00019)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
SUSE SLED15 / SLES15 Security Update : python-future (SUSE-SU-2025:03049-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03049-1 advisory. - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Tenable has...