EUVD-2026-10948

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a vict...

CVE-2026-21363 Substance3D - Painter | NULL Pointer Dereference (CWE-476)

Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires...

EUVD-2005-4500

Malware in sbrugna...

EUVD-2020-3888

Malware in sbrugna...

EUVD-2019-6292

Malware in sbrugna...

EUVD-2024-46989

Malicious code in bioql PyPI...

EUVD-2023-29786

Malicious code in bioql PyPI...

EUVD-2024-42793

Malicious code in bioql PyPI...

EUVD-2024-37940

Malicious code in bioql PyPI...

EUVD-2024-41330

Malicious code in bioql PyPI...

EUVD-2021-9118

Malicious code in bioql PyPI...

EUVD-2024-20659

Malicious code in bioql PyPI...

EUVD-2022-44512

Malicious code in bioql PyPI...

EUVD-2025-7649

Malicious code in bioql PyPI...

EUVD-2024-21987

Malicious code in bioql PyPI...

EUVD-2022-52476

Malicious code in bioql PyPI...

EUVD-2022-32682

Malicious code in bioql PyPI...

CVE-2025-45893

OpenCart version 4.1.0.4 is vulnerable to a Stored Cross-Site Scripting XSS attack via SVG file uploads used in blog posts. The vulnerability arises because SVG files uploaded through the media manager are not properly sanitized. Attackers can craft a malicious SVG file containing embedded...

CVE-2025-7235 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2022-25366

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious...