CVE-2025-54952
An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b...
CVE-2025-54952
ExecuTorch CVE-2025-54952 stems from an integer overflow in the loading path of ExecuTorch models that can allocate smaller-than-expected memory regions. The root cause is an arithmetic/size miscalculation during model loading, which may enable code execution or other undesirable effects as descr...
CVE-2025-54951
A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c...
CVE-2025-54951
ExecuTorch model-loading code is affected by a family of heap-based/buffer overflow vulnerabilities that can crash the runtime and potentially allow code execution. Affected: ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c. Remediation: apply the fix introduced in commit cea9b...
CVE-2025-54950
An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit b6b7a16df5e7852d976d8c34c8a7e9a1b6f7d005...
CVE-2025-30405
An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73...
CVE-2025-30405
The CVE-2025-30405 entry describes an integer overflow in the loading of ExecuTorch models, causing objects to be placed outside their allocated memory. Affected software is ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73. Reported impact includes potential code execution or o...
CVE-2025-30404
An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006...
CVE-2025-30404
The CVE-2025-30404 issue is an integer overflow in the loading code of ExecuTorch models, causing overlapping memory allocations. This vulnerability affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006. Underlying cause: integer overflow during model loading. Potential impa...
CVE-2025-6207
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpietempalteimport' function in all versions up to, and including, 3.9.28. This makes it possible for authenticated attackers, with Subscriber-level access and above,...
PT-2025-32329
Name of the Vulnerable Software and Affected Versions: Apache CXF versions prior to 3.6.8; Apache CXF versions prior to 4.0.9; Apache CXF versions prior to 4.1.3. Description: If untrusted users are permitted to configure JMS (Java Message Service) for Apache CXF, they could use RMI (Remote Method...
Linux Distros Unpatched Vulnerability : CVE-2018-5145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these...
PT-2025-32320
Name of the Vulnerable Software and Affected Versions: ExecuTorch versions prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73. Description: An integer overflow vulnerability exists in the loading of ExecuTorch models. This can lead to objects being placed outside of their allocated memory,...
Linux Distros Unpatched Vulnerability : CVE-2021-29977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough...
Linux Distros Unpatched Vulnerability : CVE-2022-46874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could...
CVE-2025-23317
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information...
PT-2025-32120 · Kernel · Kernel
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A memory corruption issue exists when submitting blob data to kernel space through an IOCTL (Input/Output Control) call. This can lead to system instability or potential code execution...
PT-2025-31913 · WordPress · Wp Import Export Lite
Name of the Vulnerable Software and Affected Versions: WP Import Export Lite versions through 3.9.28 Description: The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpie tempalte import function. This allows...
Apple Safari Security Update (HT124152)
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:apple:safari"; ifdescription...