1113 matches found
EUVD-2025-205173
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...
EUVD-2025-205040
Not used...
EUVD-2025-205030
Not used...
EUVD-2025-205042
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...
EUVD-2025-204812
NSF Unidata NetCDF-C Variable Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target...
EUVD-2025-204811
NSF Unidata NetCDF-C Dimension Name Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target...
EUVD-2025-204819
PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint that allows remote attackers to manipulate database queries. Attackers can exploit the unsanitized 'id' parameter by injecting conditional sleep statements to extract information or perform time-bas...
EUVD-2025-204823
Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...
EUVD-2025-204831
Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Accelerate. User interaction is required to exploit this vulnerability in that the target...
EUVD-2025-204832
Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...
EUVD-2025-204827
Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...
EUVD-2025-204842
A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted input into the filename parameter...
EUVD-2025-204862
This CVE id was assigned but later discarded...
EUVD-2025-204855
NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering...
EUVD-2025-204798
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...
EUVD-2025-204804
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing data The URB received in gsusbreceivebulkcallback contains a struct gshostframe. The length of the data after the header depends on the gshostframe hf::fla...
EUVD-2025-204799
In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...
EUVD-2025-204803
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized kszirq If something goes wrong at setup, kszirqfree can be called on uninitialized kszirq for example when kszptpirqsetup fails. It leads to freeing uninitialized IRQ numbers and/or...
EUVD-2025-204777
Not used...
EUVD-2025-204773
Not used...