CVE-2025-3158

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. The manipulation...

PT-2025-13784

Name of the Vulnerable Software and Affected Versions PyTorch version 2.6.0 Description An issue exists in the torch.jit.script function that can lead to memory corruption. This flaw allows an attack to be launched on the local host. Recommendations At the moment, there is no information about a...

CVE-2025-2924

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. The manipulation of the argument freeblock leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The...

CVE-2025-1632

A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...

Amazon Linux AMI : rsync (ALAS-2025-1955)

The version of rsync installed on the remote host is prior to 3.0.6-12.17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1955 advisory. A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an...

MAL-2024-11991 Malicious code in host-exploit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c88a475b723d108a1436e644b77f957b6c71df50e99efaabff655288073d99c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in host-exploit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c88a475b723d108a1436e644b77f957b6c71df50e99efaabff655288073d99c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

U.S. and Russia–Not China–Lead List of Malicious Hosting Providers

China has become the go-to bogeyman behind every cyber attack or malware campaign, but if you’re looking for the most malicious hosting providers on the Web, you won’t find any of the top 10 in China. In fact, the United States and Russia have many more bad hosting providers in the top 20 than...

[eVuln] Scriptme products BBCode 'url' XSS Vulnerability

New eVuln Advisory: Scriptme products BBCode 'url' XSS Vulnerability http://evuln.com/vulns/65/summary.html --------------------Summary---------------- eVuln ID: EV0065 CVE: CVE-2006-0661 Vendor: Scriptme Vendor's Web Site: http://www.scriptme.com/ Software: "SmE GB Host" "SmE Blog Host" Versions...

phpBB viewtopic.php highlight Parameter SQL Injection (ESMARKCONANT)

The remote host is running phpBB. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands in the login form. An attacker could exploit this flaw to bypass the authentication of the remote host or execute arbitrary SQL statements against the remote database...

MS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (328145)

The remote host contains a version of the CryptoAPI that could allow an attacker to spoof the identity of another user with malformed SSL certificates. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11145; scriptversion"1.49"; scriptcvsdate"Date: 2018/11/15 20:50:29"...