Mozilla -- Memory safety bugs
[email protected] reports: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
APSB25-103 : Security update available for Adobe Dimension
Adobe has released an update for Adobe Dimension that addresses critical vulnerabilities that could lead to arbitrary code execution...
APSB25-100 : Security update available for Adobe Substance 3D Modeler
Adobe has released an update for Adobe Substance 3D Modeler. This update addresses a critical vulnerability in Adobe Substance 3D Modeler. Successful exploitation could lead to arbitrary code execution...
APSB25-102 : Security update available for Adobe Illustrator
Adobe has released an update for Adobe Illustrator. This update resolves critical vulnerabilities that could lead to arbitrary code execution...
APSB25-101 : Security update available for Adobe FrameMaker
Adobe has released a security update for Adobe FrameMaker. This update addresses critical vulnerabilities that could lead to arbitrary code execution...
APSB25-94 : Security update available for Adobe Commerce
Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical and important vulnerabilities. Successful exploitation could lead to security feature bypass, privilege escalation, and arbitrary code execution...
CVE-2025-62363 yt-grabber-tui allows arbitrary code execution via configurable yt-dlp path
yt-grabber-tui is a terminal user interface application for downloading videos. In versions before 1.0-rc, the application allows users to configure the path to the yt-dlp executable via the pathtoytdlp configuration setting. An attacker with write access to the configuration file or the filesyst...
EUVD-2025-34050
SOOP-CLM developed by PiExtract has a Hidden Functionality vulnerability, allowing privileged remote attackers to exploit a hidden functionality to execute arbitrary code on the server...
EUVD-2025-34051
An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine...
EUVD-2025-33965
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...
CVE-2025-9976
An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine...
CVE-2025-9976 OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine...
CVE-2025-0636
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...
Heap-based Buffer Overflow
ImageMagick is vulnerable to a heap-based buffer overflow. The vulnerability is due to improper memory handling in the SeekBlob and WriteBlob functions, which allows an attacker to write data beyond allocated memory, potentially leading to arbitrary code execution or application crashes...
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...
CVE-2025-0636
CVE-2025-0636 affects Ericsson RAN Compute and Ericsson Site Controller (EMCLI). The issue is a high-severity vulnerability arising from improper neutralization of special elements used in an OS command, potentially enabling Arbitrary Code Execution. The publicly documented details across multipl...
libtiff: Libtiff Write-What-Where
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...
Dassault Systèmes 3DSwymer security vulnerability
Dassault Systèmes 3DSwymer is a platform from Dassault Systèmes, France. It helps connect employees, partners and customers across the ecosystem for collaboration. A security vulnerability exists in Dassault Systèmes 3DSwymer that originates from stored cross-site scripting and could lead to the...
YtGrabber-TUI link following vulnerability
YtGrabber-TUI is a software interface by the individual developer Женя Бородин. A link following vulnerability exists in versions prior to YtGrabber-TUI 1.0-rc, which stems from a configurable path pointing to malicious code that could lead to the execution of arbitrary code...