CVE-2026-7318

A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function searchpapers of the file researchserver.py. The manipulation of the argument topic results in path traversal. Attacking locally is a requirement. The exploit is now public and may be used. The project was...

EUVD-2026-9119

A security vulnerability has been detected in ChaiScript up to 6.1.0. This impacts the function chaiscript::eval::ASTNodeImpl::eval/chaiscript::eval::FunctionPushPop of the file include/chaiscript/language/chaiscripteval.hpp. The manipulation leads to uncontrolled recursion. An attack has to be...

AIX (IJ57276)

The version of AIX installed on the remote host is prior to APAR IJ57276. It is, therefore, affected by a vulnerability as referenced in the IJ57276 advisory. - A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function...

CVE-2025-15570

A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzmadecompressbuf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the...

DEBIAN-CVE-2022-4981

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

EUVD-2025-8040

Malicious code in bioql PyPI...

EUVD-2025-8640

Malicious code in bioql PyPI...

EUVD-2025-18860

Malicious code in bioql PyPI...

CVE-2025-9577 TOTOLINK X2000R Administrative shadow.sample default credentials

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this...

AZL-66213 CVE-2025-8844 affecting package nasm 2.16-1

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parsesmacrotemplate of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVE-2025-8585

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been...

CVE-2025-8585

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been...

EulerOS 2.0 SP10 : augeas (EulerOS-SA-2025-1768)

According to the versions of the augeas package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function recaseexpand of the...

AZL-64278 CVE-2025-6269 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5Creconstructcacheentry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVE-2025-5645

A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...

CVE-2025-5204

CVE-2025-5204 affects Open Asset Import Library Assimp 5.4.3, specifically the MDLImporter::ParseSkinLump_3DGS_MDL7 path in MDLMaterialLoader.cpp. The vulnerability causes an out-of-bounds read and requires local access to exploit. Public disclosure of the exploit is noted. No remediation details...

CVE-2020-36547

A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings...

CBL Mariner 2.0 Security Update: pytorch (CVE-2025-3730)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-3730 advisory. - A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function...

CVE-2025-3588

A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based buffer overflow...

CBL Mariner 2.0 Security Update: augeas (CVE-2025-2588)

The version of augeas installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2588 advisory. - A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability...