
120933 matches found

Hewlett-Packard
added 2025/10/21 12:0 a.m., 10 views

Insyde BIOS Buffer Overflow in certain HP ARM-Based PCs

A potential security vulnerability has been identified in certain ARM-based HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow arbitrary code execution. Insyde has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and...

CVSS 7.8, AI score 7.3, EPSS 0.0023
Exploits 0, Affected Software 4

Hewlett-Packard
added 2025/10/21 12:0 a.m., 10 views

AMD AIM-T Manageability Software Security Update

AMD has informed HP of potential vulnerabilities in the AMD Integrated Management Technology AIM-T software, which might allow arbitrary code execution. AMD has released software updates to mitigate these vulnerabilities. HP has...

CVSS 7.3, AI score 6.1, EPSS 0.00241
Exploits 0, Affected Software 16

EUVD
added 2025/10/21 12:0 a.m., 6 views

EUVD-2025-35177

Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. A local attacker can exploit this behavior by placing a...

CVSS 6.1, AI score 7, EPSS 0.00146
Exploits 0, References 4

CNNVD
added 2025/10/21 12:0 a.m., 4 views

wolfSSH Security Vulnerability

wolfSSH is a small, fast, portable open-source SSH implementation from wolfSSL, including support for SCP and SFTP. A security vulnerability exists in wolfSSH that stems from a possible stack buffer overflow when receiving specially crafted packets, which could lead to the execution of arbitrary co...

CVSS 9.8, AI score 7.3, EPSS 0.00334
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 3 views

Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26897)

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...

CVSS 7.8, AI score 8, EPSS 0.00155
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 2 views

Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26898)

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...

CVSS 7.8, AI score 8, EPSS 0.00173
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 2 views

Adobe Bridge heap buffer overflow vulnerability (CNVD-2025-24426)

Adobe Bridge is a file viewer from the American company Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...

CVSS 7.8, AI score 7.7, EPSS 0.00243
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 3 views

Delta Electronics DIAScreen Out-of-Bounds Write Vulnerability (CNVD-2025-26899)

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. An out-of-bounds write vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code on the system or cause a system crash...

CVSS 7.8, AI score 8, EPSS 0.00155
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 2 views

D-Link DI-7001 MINI OS Command Injection Vulnerability

D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

CVSS 9.8, AI score 8.5, EPSS 0.04033
Exploits 1, References 1

Kaspersky
added 2025/10/21 12:0 a.m., 7 views

KLA89408 Multiple vulnerabilities in Oracle VirtualBox

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit this vulnerability to execute arbitrary code, obtain sensitive information, cause denial of service. Original advisories Oracle Virtualization Risk Matrix Related products Oracle-VirtualBox CVE list CVE-2025-61759 hig...

CVSS 8.2, AI score 7.9, EPSS 0.00191
Exploits 0, References 3

CNVD
added 2025/10/21 12:0 a.m., 4 views

D-Link DI-7100G C1 openid parameter buffer overflow vulnerability

The D-Link DI-7100G C1 is an enterprise-class router from D-Link, designed for small and medium-sized businesses. The D-Link DI-7100G C1 suffers from a buffer overflow vulnerability that originates from the parameter openid in the file /webchat/login.cgi failing to properly validate the length an...

CVSS 9.8, AI score 8.2, EPSS 0.00919
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 3 views

D-Link DI-7001 MINI Buffer Overflow Vulnerability

D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from a buffer overflow vulnerability, which is caused by incorrect bounds checking of functions in the file /dbsrv.asp. An attacker could exploit the vulnerability to execute...

CVSS 9.8, AI score 8.2, EPSS 0.00802
Exploits 1, References 1

CNVD
added 2025/10/21 12:0 a.m., 4 views

IBM Standards Processing Engine Deserialization Vulnerability

IBM Standards Processing Engine (IBM Transformation Extender Advanced) is document conversion software from International Business Machines (IBM), used to automatically convert and validate large amounts of data. IBM Standards Processing Engine suffers from a deserialization vulnerability that stem...

CVSS 9.8, AI score 6.9, EPSS 0.00619
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 4 views

Adobe Animate heap buffer overflow vulnerability (CNVD-2025-24421)

Adobe Animate is a set of Flash animation software from the American company Adobe. Adobe Animate suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution in the current user environment...

CVSS 7.8, AI score 8.1, EPSS 0.00243
Exploits 0, References 1

CNVD
added 2025/10/21 12:0 a.m., 3 views

Adobe Animate Memory Misreference Vulnerability (CNVD-2025-24424)

Adobe Animate is a set of Flash animation software from the American company Adobe. A memory misreference vulnerability exists in Adobe Animate, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...

CVSS 7.8, AI score 7.2, EPSS 0.00231
Exploits 0, References 1

RedhatCVE
added 2025/10/20 6:23 p.m., 9 views

CVE-2025-56218

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file...

CVSS 9.8, AI score 7.9, EPSS 0.00666
Exploits 0, References 1

Vulnrichment
added 2025/10/20 4:8 p.m., 3 views

CVE-2025-62429 ClipBucket v5 executes arbitrary PHP code

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/adminarea/actions/updatelaunch.php, the "type" parameter from a POST request is embedded into PHP tags and executed. Proper sanitization is n...

CVSS 7.2, AI score 7.6, EPSS 0.00777
Exploits 1, References 3

EUVD
added 2025/10/20 3:30 p.m., 3 views

EUVD-2025-35053

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...

CVSS 7.8, AI score 7.7, EPSS 0.00284
Exploits 0, References 3

NVD
added 2025/10/20 3:15 p.m., 5 views

CVE-2025-41390

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...

CVSS 7.8, EPSS 0.00284
Exploits 0, References 3

Snyk
added 2025/10/20 2:15 p.m., 4 views

Unsafe Dependency Resolution

Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...

CVSS 8.4, AI score 7.5, EPSS 0.00284
Exploits 0, References 2