120933 matches found
Insyde BIOS Buffer Overflow in certain HP ARM-Based PCs
A potential security vulnerability has been identified in certain ARM-based HP PC products using Insyde BIOS InsydeH2O UEFI Firmware, which might allow arbitrary code execution. Insyde has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and...
AMD AIM-T Manageability Software Security Update
AMD has informed HP of potential vulnerabilities in the AMD Integrated Management Technology (AIM-T) software, which might allow arbitrary code execution. AMD has released software updates to mitigate these vulnerabilities. HP has...
EUVD-2025-35177
Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. A local attacker can exploit this behavior by placing a...
wolfSSH Security Vulnerability
wolfSSH is a small, fast, portable open-source SSH implementation from wolfSSL, including support for SCP and SFTP. A security vulnerability exists in wolfSSH that stems from a possible stack buffer overflow when receiving specially crafted packets, which could lead to the execution of arbitrary co...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26897)
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26898)
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...
Adobe Bridge heap buffer overflow vulnerability (CNVD-2025-24426)
Adobe Bridge is a file viewer from the American company Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...
Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26899)
Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...
D-Link DI-7001 MINI OS Command Injection Vulnerability
D-Link DI-7001 MINI is a multi-functional intelligent gateway from China's D-Link. The D-Link DI-7001 MINI suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
KLA89408 Multiple vulnerabilities in Oracle VirtualBox
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, or cause denial of service. Original advisories: Oracle Virtualization Risk Matrix. Related products: Oracle-VirtualBox. CVE list: CVE-2025-61759 hig...
D-Link DI-7100G C1 openid parameter buffer overflow vulnerability
The D-Link DI-7100G C1 is an enterprise-class router from D-Link, designed for small and medium-sized businesses. The D-Link DI-7100G C1 suffers from a buffer overflow vulnerability that originates from the parameter openid in the file /webchat/login.cgi failing to properly validate the length an...
D-Link DI-7001 MINI Buffer Overflow Vulnerability
D-Link DI-7001 MINI is a multi-functional intelligent gateway from China's D-Link. The D-Link DI-7001 MINI suffers from a buffer overflow vulnerability, which is caused by incorrect bounds checking of functions in the file /dbsrv.asp. An attacker could exploit the vulnerability to execute...
IBM Standards Processing Engine Deserialization Vulnerability
IBM Standards Processing Engine (IBM Transformation Extender Advanced) is document conversion software from International Business Machines (IBM), used to automatically convert and validate large amounts of data. IBM Standards Processing Engine suffers from a deserialization vulnerability that stem...
Adobe Animate heap buffer overflow vulnerability (CNVD-2025-24421)
Adobe Animate is a set of Flash animation software from the American company Adobe. Adobe Animate suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...
Adobe Animate Memory Misreference Vulnerability (CNVD-2025-24424)
Adobe Animate is a set of Flash animation software from the American company Adobe. A memory misreference vulnerability exists in Adobe Animate, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...
CVE-2025-56218
An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2025-62429 ClipBucket v5 executes arbitrary PHP code
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/adminarea/actions/updatelaunch.php, the "type" parameter from a POST request is embedded into PHP tags and executed. Proper sanitization is n...
EUVD-2025-35053
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
Unsafe Dependency Resolution
Overview: Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...