EUVD-2025-37768

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

CVE-2025-46725 Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store

Langroid is a Python framework to build large language model LLM-powered applications. Prior to version 0.53.15, LanceDocChatAgent uses pandas eval through computefromdocs. As a result, an attacker may be able to make the agent run malicious commands through QueryPlan.dataframecalc compromising t...

Socomec Net Vision Authentication Vulnerability

Socomec Net Vision is a network management solution developed by SOCOMEC for its Uninterruptible Power Supply UPS products to remotely monitor, condition manage and automate the operation of UPS. An authentication vulnerability exists in Socomec Net Vision, which stems from the application's use ...

CVE-2023-5346

creationtimestamp| type| source ---|---|--- 2023-10-05 22:13:07+00:00| seen| https://t.me/cibsecurity/71678 2023-10-11 13:47:32+00:00| seen| https://t.me/truesecator/4951 2025-05-01 20:15:42+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14384...

CVE-2020-29439

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...

CVE-2025-0351

...