9 matches found
EUVD-2026-29555
The CosyVoice project through commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading process. When loading model files (.pt) from a user-specified directory via the --modeldir argument, the code uses torch.load without...
CVE-2026-31224
The snorkel library through v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the MultitaskClassifier.load method of the MultitaskClassifier class. The method loads model weight files using torch.load without enabling the security-restrictive weights_only=True parameter. This...
Deserialization of Untrusted Data
Overview: Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the torch.load function. An attacker can execute arbitrary code by providing a specially crafted model file that is loaded without proper security parameters. Details: Serialization is a process of...
CVE-2024-35303
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0012, Tecnomatix Plant Simulation V2404 All versions V2404.0001. The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This could allow an attacker t...
The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation in simulation models for systems and processes involves writing beyond buffer boundaries, allowing attackers to execute arbitrary code.
The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation is a buffer overflow. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created WRL files...
The vulnerability of the ASMkern229A.dll and ASMBASE229A.dll libraries, which are software components for modeling, design, and drawing in AutoCAD, allows a malicious actor to cause an unexpected termination of the application or execute arbitrary code.
The vulnerability of the ASMkern229A.dll and ASMBASE229A.dll libraries, which are software components for modeling, design, and drafting in AutoCAD, relates to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow an attacker to cause the application to terminat...
The vulnerability of the libodx.dll library in the AutoCAD modeling, design, and drawing software allows a perpetrator to cause an unexpected termination of the application or execute arbitrary code.
The vulnerability of the libodx.dll library in AutoCAD simulation, design, and drawing software relates to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow an attacker to cause the application to terminate abnormally or execute arbitrary code using a...
CVE-2024-23143
A maliciously crafted 3DM, MODEL and XB file, when parsed in ASMkern229A.dll and ASMBASE229A.dll through Autodesk applications, can force an Out-of-Bound Read and/or Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary co...
SAP 3D Visual Enterprise Author Buffer Error Vulnerability
SAP 3D Visual Enterprise Author is a desktop application from SAP Germany for managing 2D, 3D, animation, video and audio assets. SAP 3D Visual Enterprise Author suffers from a buffer overflow vulnerability that stems from a lack of proper memory management and can be exploited by an attacker to...