CVE-2025-8733

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...

PT-2025-30186 · Eluktronics · Eluktronics Control Center

Name of the Vulnerable Software and Affected Versions: Eluktronics Control Center version 5.23.51.41 Description: A problematic issue exists within the REG File Handler component of the software due to insufficient verification of data authenticity. This can be exploited on the local host. The...

CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5Gnodecmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

UBUNTU-CVE-2025-6816

A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...

CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow

A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...

CVE-2025-6498

A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

CVE-2025-6498 HTACG tidy-html5 alloc.c defaultAlloc memory leak

A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

CVE-2025-6120 Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflow

A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function readmeshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to...

CVE-2025-5324

CVE-2025-5324 affects TechPowerUp GPU-Z 2.23.0. The issue is in the IOCTL Handler component 0x8000645C, specifically function sub_140001880 in GPU-Z.sys, causing a memory leak. Exploitation is local and the vulnerability has been publicly disclosed. PT security advisory notes a temporary mitigati...

CVE-2025-5200

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFileQuake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attac...

CVE-2025-5200

CVE-2025-5200 affects Open Asset Import Library Assimp 5.4.3. The issue lies in MDLImporter::InternReadFile_Quake1 (MDLLoader.cpp), causing an out-of-bounds read. Local attack possible; exploit has been disclosed publicly. Public documentation confirms the vulnerability details; no public remedia...

PYSEC-2025-173

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...

PT-2025-22930 · Assimp +1 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A problem was found in the function MDLImporter::InternReadFile Quake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp, which leads to out-of-bounds read. The attack can be launch...

CVE-2017-20066

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

PT-2025-20620 · Unknown · Simple Bus Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Bus Reservation System version 1.0 Description: A critical vulnerability has been found in the function a::install of the component Install Bus. The manipulation of the argument bus leads to a stack-based buffer overflow...

CVE-2025-4472 code-projects Departmental Store Management System bill stack-based overflow

A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The explo...

CVE-2025-3805

CVE-2025-3805 affects sarrionandia tournatrack (Jinja2 Template Handler) with a vulnerability in the check_id.py file. The issue is caused by manipulation of the ID argument, leading to local-injection. Exploitation has been disclosed publicly, and usable exploit details exist in several sources....

CVE-2025-3158

A flaw has been found in the Open Asset Import Library assimp. In affected versions, a malformed LWO file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior...

InternLM LMDeploy code injection vulnerability

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has...

CVE-2025-3163

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has...