14 matches found
Claude Code security vulnerabilities
Claude Code is an open-source proxy encoding tool developed by Anthropic. Versions of Claude Code prior to 2.0.65 contained security vulnerabilities. These vulnerabilities stemmed from the project’s loading process, which allowed malicious repositories to leak data before the user confirmed trust...
Out-of-bounds Write
executorch is vulnerable to Out-of-bounds Write. The vulnerability is due to improper memory boundary handling due to a flaw in the model loading process that allows out-of-bounds reads or writes, potentially leading to crashes or code execution...
The vulnerability of ESET’s command-line scanner for anti-virus protection allows a hacker to execute arbitrary code.
The vulnerability of ESET’s command-line scanner for anti-virus protection is related to an uncontrolled element in the loading process of the version.dll library. Exploiting this vulnerability can allow a hacker to execute arbitrary code...
PT-2025-3297 · Unknown · 3D Engine Module
Name of the Vulnerable Software and Affected Versions: 3D engine module affected versions not specified Description: The issue concerns the lack of verification of input parameters during the loading of glTF models in the 3D engine module. Successful exploitation of this issue may impact...
The vulnerabilities of Mitsubishi Electric’s software products, including EZSocket, FR Configurator2, GT Designer3 Version1(GOT1000), GT Designer3 Version1(GOT2000), GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, and MX OPC Server DA/UA (software included with MC Works64), are related to the use of external control inputs for class selection. This allows a malicious individual to execute arbitrary code.
The vulnerabilities of Mitsubishi Electric’s software products, including EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, and MX OPC Server DA/UA software included with MC Works64, are relate...
The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the file loading process...
The vulnerability of Microprogrammed Software in Cisco Aironet Access Points, related to access control deficiencies, allows a intruder to execute arbitrary code during the loading process.
The vulnerability of Microprogrammed Software in Cisco Aironet Access Points is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary code during the loading process...
CVE-2021-1240
A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to...
The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows a perpetrator to disclose protected information
The vulnerability of the Secure Boot protocol for Windows operating systems is related to errors in accessing debug functions during the loading process. Exploiting this vulnerability can allow attackers to disclose sensitive information, using a specially created application...
The vulnerability of the Image Verification function in the Cisco IOS XE operating system allows a perpetrator to install malware onto a vulnerable device or upload malicious executable files.
The vulnerability of the Image Verification function in the Cisco IOS XE operating system is related to the lack of verification of file signatures during the system’s loading process. Exploiting this vulnerability allows a perpetrator to install malware onto a vulnerable device or load malicious...
The vulnerability in the implementation of the Secure Boot protocol for operating systems Windows allows attackers to disclose protected information.
The vulnerability of the Secure Boot protocol for loading operating systems on Windows is related to errors in accessing debugging functions during the loading process. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the security measures...
The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of NVIDIA’s loading driver and the Android operating system’s power management chip is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code during the loading process and the power management by the...
jdk7-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
jre8-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...