Low: cuda-demo-suite-12-8

Issue Overview: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53870...

Low: cuda-nvtx-12-8

Issue Overview: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53870...

SQLite 3.44.0 - 3.49.0 Multiple Vulnerabilities

SQLite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sqlite:sqlite"; ifdescription...

Microsoft Edge Update Setup (Chromium-based) Detection (Windows SMB Login)

This script detects the installed version of Microsoft Edge Update Setup Chromium-based for Windows. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

📄 RemotePC Remote Code Execution

RemotePC suffers from an unauthenticated remote code execution vulnerability. The release for this on github offers no version information. Exploit Title: RemotePC - Unauthenticated RCE Date: 2025-04-14 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://github.com/akoc95/RemotePC Version: latest...

CVE-2025-32035

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to 9.13.2, when uploading files e.g. when uploading assets, the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This...

Reliance on File Name or Extension of Externally-Supplied File

Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Reliance on File Name or Extension of Externally-Supplied File when handling uploaded files in FileSystem/FileManager.cs and...

CVE-2025-32035 DNN does not check the contents of a file when uploading files

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to 9.13.2, when uploading files e.g. when uploading assets, the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This...

CVE-2025-29999

A vulnerability has been identified in Siemens License Server SLS All versions V4.3. The affected application searches for executable files in the application folder without proper validation. This could allow an attacker to execute arbitrary code with administrative privileges by placing a...

CVE-2025-29999

A vulnerability has been identified in Siemens License Server SLS All versions V4.3. The affected application searches for executable files in the application folder without proper validation. This could allow an attacker to execute arbitrary code with administrative privileges by placing a...

CVE-2025-29999

A vulnerability has been identified in Siemens License Server SLS All versions V4.3. The affected application searches for executable files in the application folder without proper validation. This could allow an attacker to execute arbitrary code with administrative privileges by placing a...

CVE-2025-29999

CVE-2025-29999 affects Siemens License Server (SLS) prior to v4.3. The issue: the application searches for executable files in its folder without proper validation, allowing an attacker to execute arbitrary code with administrative privileges by placing a malicious executable in the same director...

PT-2025-15406 · Siemens · Siemens License Server

Name of the Vulnerable Software and Affected Versions: Siemens License Server SLS versions prior to V4.3 Description: A vulnerability has been identified where the affected application searches for executable files in the application folder without proper validation. This could allow an attacker ...

Siemens License Server（SLS） 安全漏洞

Siemens License Server SLS is a tool from Siemens, Germany, for managing and distributing licenses for Siemens software products. A privilege mismanagement vulnerability exists in Siemens License Server that stems from not properly validating an executable file in an application folder, which can...

CVE-2025-29481

Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpfobjectinitprog function of libbpf. This has been disputed by third parties who assert that "no one in their sane mind should be passing untrusted ELF files into libbpf while running under...

The vulnerability of the mangle platform’s executable file for application deployment and management allows a perpetrator to execute arbitrary system commands.

The vulnerability of the mangle platform’s executable file for application deployment and management related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary system commands by sending specially crafted HTTP requests remotely...

[SECURITY] Fedora 41 Update: upx-5.0.0-1.fc41

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

[SECURITY] Fedora 40 Update: upx-5.0.0-1.fc40

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

The vulnerability of the MOTW mechanism of the WinRAR file archiver allows a hacker to execute arbitrary code.

The vulnerability of the Mark of the Web MOTW file archiver WinRAR is related to the lack of a warning message for users regarding unsafe actions related to the user interface when processing symbolic links that point to executable files. Exploiting this vulnerability allows a malicious actor to...

CVE-2025-31334

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be execut...