171 matches found

CNVD
added 2025/12/29 12:0 a.m. | 1 views

CMSimple Cross-Site Scripting Vulnerability

CMSimple is a free content management system. CMSimple suffers from a cross-site scripting vulnerability that stems from the application not effectively filtering or neutralizing HTML Unicode encoding when processing user input. An attacker could use this vulnerability to execute arbitrary...

CVSS 6.1 | AI score 6.4 | EPSS 0.00025
Exploits 1 | References 1
OSV
added 2025/12/24 8:15 p.m. | 1 views

UBUNTU-CVE-2018-25154

GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system...

CVSS 9.8 | AI score 6.5 | EPSS 0.00074
Exploits 1 | References 6
Positive Technologies
added 2025/12/24 12:0 a.m. | 2 views

PT-2025-53374

GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system...

CVSS 9.8 | AI score 8.1 | EPSS 0.00074
Exploits 1 | References 7
CNNVD
added 2025/11/29 12:0 a.m. | 2 views

Retro Cross-Site Scripting Vulnerability

Retro is an online platform for displaying vintage style items by the individual developer Lakshmi Pavananjali. A cross-site scripting vulnerability exists in Retro versions prior to 2.4.7, which stems from the input processing component being susceptible to cross-site scripting attacks...

CVSS 6.1 | AI score 6 | EPSS 0.00024
Exploits 0 | References 1
RedhatCVE
added 2025/11/27 4:10 p.m. | 4 views

CVE-2025-33194

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

CVSS 7.1 | AI score 6.2 | EPSS 0.00009
Exploits 0 | References 1
NVD
added 2025/11/25 6:15 p.m. | 3 views

CVE-2025-33194

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

CVSS 7.1 | EPSS 0.00009
Exploits 0 | References 3
CVE
added 2025/11/25 5:59 p.m. | 8 views

CVE-2025-33194

The CVE-2025-33194 entry affects NVIDIA DGX Spark GB10, specifically the SROOT firmware. The vulnerability stems from improper processing of input data in SROOT, with documented consequences including information disclosure and denial of service. There is no exploitation status provided in the so...

CVSS 7.1 | AI score 6 | EPSS 0.00009
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2025/11/25 5:59 p.m. | 5 views

CVE-2025-33194

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

CVSS 5.7 | EPSS 0.00009
Exploits 0 | References 3
Github Security Blog
added 2025/11/20 9:23 p.m. | 7 views

vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs

Summary: Users can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape (e.g. hidden dimension is wrong), regardless of whether the model is intended to support such inputs as defined in the Supported Models page. The issue has...

CVSS 8.3 | AI score 6.8 | EPSS 0.00089
Exploits 0 | References 6 | Affected Software 1
CNNVD
added 2025/10/31 12:0 a.m. | 2 views

Xen Security Vulnerability

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from a...

CVSS 7.5 | AI score 6.1 | EPSS 0.00031
Exploits 0 | References 2
Schneier on Security
added 2025/10/20 11:0 a.m. | 6 views

Agentic AI’s OODA Loop Problem

The OODA loop -- for observe, orient, decide, act -- is a framework to understand decision-making in adversarial situations. We apply the same framework to artificial intelligence agents, who have to make their decisions with untrustworthy observations and orientation. To solve this problem, we need...

AI score 7.9
Exploits 0
Veracode
added 2025/10/10 5:21 a.m. | 4 views

Denial Of Service (DoS)

xgrammar is vulnerable to Denial of Service (DoS). The vulnerability is due to a regression in the Earley parser, which causes excessive processing time for valid grammar inputs, allowing an attacker to exploit this inefficiency to trigger denial of service through resource exhaustion...

CVSS 7.5 | AI score 6.5 | EPSS 0.00154
Exploits 1 | References 4 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-10923

Malware in sbrugna...

CVSS 7.8 | AI score 7.5 | EPSS 0.00287
Exploits 1 | References 7
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-6642

Malware in sbrugna...

CVSS 4.3 | AI score 4.9 | EPSS 0.00034
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-27388

Malware in sbrugna...

CVSS 9.3 | AI score 9.3 | EPSS 0.00408
Exploits 0 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2024-34879

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 8.7 | EPSS 0.00973
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-53554

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.19399
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-49685

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.4 | EPSS 0.022
Exploits 0 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-49683

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 5.8 | EPSS 0.00629
Exploits 0 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-10492

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 7.2 | EPSS 0.00556
Exploits 1 | References 3