22 matches found

EUVD
added 2026/03/05 12:31 a.m. | 3 views

EUVD-2026-9498

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7 CVSS | 5.9 AI score | 0.00011 EPSS
Exploits: 0 | References: 6
Cvelist
added 2026/03/04 10:10 p.m. | 17 views

CVE-2026-2297 SourcelessFileLoader does not use io.open_code()

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.7 CVSS | 0.00011 EPSS
Exploits: 0 | References: 7
CNNVD
added 2026/03/04 12:0 a.m. | 3 views

CPython Security Vulnerability

CPython is a Python interpreter implemented in the C language by the Python Foundation. CPython has a security vulnerability that arises from the failure to use io.open_code() when handling legacy .pyc files. This vulnerability may cause the sys.audit handler to fail to trigger...

5.7 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 6
NVD
added 2025/12/16 10:15 p.m. | 1 views

CVE-2025-53618

An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. The function grayscaleconvert is called base...

9.1 CVSS | 0.00032 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2025/12/16 9:32 p.m. | 0 views

CVE-2025-53618

An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. The function grayscaleconvert is called base...

7.4 CVSS | 6.3 AI score | 0.00032 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2025/12/06 12:0 a.m. | 7 views

PT-2025-49333

Name of the Vulnerable Software and Affected Versions: Flex QR Code Generator plugin for WordPress versions up to and including 1.2.6. Description: The Flex QR Code Generator plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation. This occurs in the...

9.8 CVSS | 7.2 AI score | 0.00373 EPSS
Exploits: 1 | References: 10
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-20725

Malware in sbrugna...

7.8 CVSS | 7.5 AI score | 0.00064 EPSS
Exploits: 1 | References: 5
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2025-29495

Malicious code in bioql PyPI...

6.6 AI score
Exploits: 0 | References: 3
RedhatCVE
added 2025/09/13 7:25 a.m. | 3 views

CVE-2025-8423

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mtswptremoveplugin and ajaxupdateexportcode functions in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...

5.4 CVSS | 5.2 AI score | 0.00141 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2025/08/30 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2018-16981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. (CVE-2018-16981) Note tha...

8.8 CVSS | 6.7 AI score | 0.00362 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/03/25 12:0 a.m. | 1 views

OpenEMR Security Vulnerability

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. A security vulnerability exists in OpenEMR versions prior to 7.3.0, which stems...

7.5 CVSS | 6.8 AI score | 0.00092 EPSS
Exploits: 1 | References: 4
OSV
added 2023/12/29 11:6 a.m. | 2 views

OESA-2023-1985 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

6.5 CVSS | 7.2 AI score | 0.00471 EPSS
Exploits: 3 | References: 4
CNNVD
added 2023/11/15 12:0 a.m. | 1 views

Grocy Cross-Site Scripting Vulnerability

Grocy is a web-based self-hosted grocery and home management solution from Grocy Open Source. A cross-site scripting (XSS) vulnerability exists in Grocy version v.4.0.3, in the QR code function of the manageapikeys component. An attacker could...

5.4 CVSS | 6.3 AI score | 0.00525 EPSS
Exploits: 1 | References: 4
SUSE CVE
added 2023/02/15 5:5 a.m. | 2 views

SUSE CVE-2016-2796

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...

8.8 CVSS | 7.7 AI score | 0.00565 EPSS
Exploits: 1 | References: 14
SUSE CVE
added 2023/02/15 4:54 a.m. | 1 views

SUSE CVE-2016-10169

The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file...

4.4 CVSS | 7.3 AI score | 0.00435 EPSS
Exploits: 1 | References: 5
OSV
added 2021/09/20 2:15 p.m. | 0 views

UBUNTU-CVE-2020-21913

International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use-after-free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp...

5.5 CVSS | 6.7 AI score | 0.001 EPSS
Exploits: 1 | References: 5
CNNVD
added 2020/12/16 12:0 a.m. | 2 views

Infraware Polaris ML Report Program Buffer Error Vulnerability

Infraware Polaris ML Report is a web browser based web software from Infraware, Korea that enables compatibility printing reports. A security vulnerability exists in ML Report Program, which originates from a stack-based buffer overflow in the sub41EAF0 function of mlreportdeam .exe. The function...

8.8 CVSS | 7.9 AI score | 0.0042 EPSS
Exploits: 0 | References: 2
Exploit DB
added 2018/10/22 12:0 a.m. | 30 views

Audacity 2.3 - Denial of Service (PoC)

Exploit Title: AudaCity 2.3 - Denial of Service PoC; Author: Kağan Çapar; Discovery Date: 2018-10-19; Software Link: https://www.fosshub.com/Audacity.html; Vendor Homepage: https://www.audacityteam.org; Tested Version: 2.3; Tested on OS: Windows 10 x64/86 Normal use CPU & Windows 7 High CPU usage &...

7.4 AI score
Exploits: 0
OSV
added 2017/03/14 2:59 p.m. | 1 views

DEBIAN-CVE-2016-10169

The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file...

5.5 CVSS | 5.1 AI score | 0.00435 EPSS
Exploits: 1 | References: 1
OSV
added 2016/03/13 6:59 p.m. | 0 views

DEBIAN-CVE-2016-2796

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...

8.8 CVSS | 9.5 AI score | 0.00565 EPSS
Exploits: 1 | References: 1