30 matches found
Ruby Dragonfly <1.4.0 - Remote Code Execution
Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishand...
CVE-2021-0692
In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
EUVD-2018-15674
Malware in sbrugna...
EUVD-2019-8117
Malware in sbrugna...
EUVD-2020-6172
Malware in sbrugna...
EUVD-2021-13821
Malware in sbrugna...
EUVD-2020-12234
Malware in sbrugna...
EUVD-2024-28272
Malicious code in bioql PyPI...
EUVD-2022-33549
Malicious code in bioql PyPI...
EUVD-2023-25524
Malicious code in bioql PyPI...
EUVD-2025-2140
Malicious code in bioql PyPI...
Autel MaxiCharger AC Wallbox Commercial Buffer Overflow Vulnerability (CNVD-2025-14946)
Autel MaxiCharger AC Wallbox Commercial is a smart AI electric car charger from Autel USA. The Autel MaxiCharger AC Wallbox Commercial suffers from a buffer overflow vulnerability that stems from the DLBSlaveRegister message failing to properly validate the length of the input data, which ca...
CVE-2025-30289 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. A low privileged attacker with local access could leverage...
CVE-2024-47151
Some Honor products are affected by a file writing vulnerability; successful exploitation could cause code execution...
CVE-2015-20111
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...
CVE-2024-49525 Substance3D - Painter | Heap-based Buffer Overflow (CWE-122)
Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-39388 ZDI-CAN-24055: Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Siemens Simcenter Nastran Stack Buffer Overflow Vulnerability
Simcenter Nastran is a finite element method solver. A stack buffer overflow vulnerability exists in Siemens Simcenter Nastran, which can be exploited by an attacker to execute code in the context of the current process when an affected application parses a specific string as a parameter to an...
Out-of-Memory
Thunderbird is vulnerable to Out-of-Memory. The vulnerability is due to the library's previous behavior of attempting to continue execution despite encountering out-of-memory conditions, which could potentially lead to exploitation...
CVE-2024-26064
Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...