Lucene search
K

18 matches found

Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-53221

Name of the Vulnerable Software and Affected Versions Delta Electronics DTM Soft affected versions not specified Description The software is susceptible to the deserialization of untrusted data, which can allow an attacker to execute arbitrary code. Real-world exploitation has been observed where...

8.4CVSS6AI score0.00388EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

National Security Agency Ghidra 代码问题漏洞

National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Previous versions of National Security Agency Ghidra, such as version 12.1, had code vulnerabilities. These vulnerabilities stemmed from insecure deserialization in the RMI...

8.8CVSS6.2AI score0.0071EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

JetBrains Junie 安全漏洞

JetBrains Junie is a coding proxy provided by the Czech company JetBrains. Versions of JetBrains Junie prior to 252.549.29 contained security vulnerabilities, which were due to the possibility of executing commands through malicious project files...

9.8CVSS5.8AI score0.00257EPSS
Exploits0References2
OSV
OSV
added 2026/02/03 6:30 p.m.2 views

GHSA-5R63-Q8HG-P8QX FUXA allows Remote Code Execution (RCE) via the project import functionality.

FUXA v1.2.7 allows Remote Code Execution RCE via the project import functionality. The application does not properly sanitize or sandbox user-supplied scripts within imported project files. An attacker can upload a malicious project containing system commands, leading to full system compromise...

9.8CVSS5.7AI score0.00416EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/15 6:28 p.m.3 views

CVE-2025-13844

CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file SSD file shared by the attacker into Rapsody...

8.4CVSS6.6AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.6 views

CVE-2022-27580

A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges ...

7.8CVSS7.6AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-12202

Malicious code in bioql PyPI...

9.3CVSS7.6AI score0.21846EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:49 p.m.5 views

CVE-2022-27579

A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the...

7.8CVSS7.6AI score0.00335EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.8 views

PT-2025-20839 · Schneider Electric · Ecostruxure Power Build +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Stack-based Buffer Overflow issue exists that could allow local attackers to potentially execute arbitrary code when the end user opens a malicious project file provided by the attacker...

4.6CVSS6.9AI score0.00161EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.5 views

PT-2024-2220 · Schneider Electric · Ecostruxure Power Design - Ecodial

Name of the Vulnerable Software and Affected Versions: EcoStruxure Power Design - Ecodial affected versions not specified Description: A Deserialization of Untrusted Data issue exists, potentially allowing remote code execution when a malicious project file is loaded into the application by a val...

7.8CVSS8.2AI score0.00423EPSS
Exploits0References7
OSV
OSV
added 2024/01/22 6:15 p.m.5 views

CVE-2022-45792

Project files may contain malicious contents which the software will use to create files on the filesystem. This allows directory traversal and overwriting files with the privileges of the logged-in user...

7.8CVSS5.8AI score0.00326EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/01/30 1:15 p.m.5 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS7.7AI score0.01163EPSS
Exploits0References2
OSV
OSV
added 2022/08/31 4:15 p.m.2 views

CVE-2022-2866

FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution...

7.8CVSS6AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2022/07/19 4:15 p.m.11 views

CVE-2022-27580

A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges ...

7.8CVSS0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/19 3:52 p.m.17 views

CVE-2022-27580

A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges ...

8AI score0.00335EPSS
Exploits0References1
Sick AG
Sick AG
added 2022/05/16 10:0 a.m.9 views

Vulnerability in SICK Flexi Soft Designer & Safety Designer

A deserialization vulnerability in a .NET framework class used by both SICK Flexi Soft Designer and SICK Safety Designer allows an attacker to create malicious project files...

8.6CVSS7AI score0.00335EPSS
Exploits0
OSV
OSV
added 2021/01/26 6:15 p.m.5 views

CVE-2020-16236

FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code...

7.8CVSS7.3AI score0.01191EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/01/12 11:0 a.m.20 views

CVE-2006-0187

By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control UserControl1Load function, which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file...

7.3AI score0.19085EPSS
Exploits1References5
Rows per page
Query Builder