47 matches found
CVE-2021-27380
A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure...
CVE-2018-1000832
ZoneMinder version = 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution...
EUVD-2021-20991
Malware in sbrugna...
EUVD-2020-0365
Malware in sbrugna...
EUVD-2020-19515
Malware in sbrugna...
EUVD-2018-1809
Malware in sbrugna...
EUVD-2025-24609
Malicious code in bioql PyPI...
EUVD-2023-38421
Malicious code in bioql PyPI...
EUVD-2021-9891
Malicious code in bioql PyPI...
EUVD-2023-0182
Malicious code in bioql PyPI...
CVE-2025-23315
NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information...
CVE-2025-6637 PRT File Parsing Out-of-Bounds Write Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
CVE-2025-5120 Sandbox Escape Vulnerability in huggingface/smolagents
A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution RCE. The vulnerability stems from the localpythonexecutor.py module, which inadequately restricts Python code...
CVE-2025-54379 eKuiper API endpoints handling SQL queries with user-controlled table names.
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows unauthenticated remote...
CVE-2025-23266
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering,...
CVE-2024-36357
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...
CVE-2025-49155
CVE-2025-49155 involves an uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module, enabling arbitrary code execution on affected installations. Affected software: Trend Micro Apex One Data Loss Prevention (module specified; no exact versions given in source...
CVE-2020-11009
In Rundeck before version 3.2.6, authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see. Depending on the configuration and the way that Rundeck is used, this could result in anything between a high severity risk, or a very...
CVE-2019-13558
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash...
CVE-2012-6298
Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors...