EUVD-2025-176172

Malicious code in stub-encode-object-meta-info npm...

UBUNTU-CVE-2023-53509

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

CVE-2025-51990

XWiki 17.3.0 and earlier are affected by stored XSS in the Administration interface (Presentation section of Global Preferences). An authenticated administrator can inject JavaScript into the HTTP Meta Info, Footer Copyright, and Footer Version fields; these payloads are stored and rendered witho...

PT-2025-34072

Name of the Vulnerable Software and Affected Versions: XWiki versions through 17.3.0 Description: XWiki is vulnerable to Server-Side Template Injection SSTI in the Administration interface, specifically within the HTTP Meta Info field of the Global Preferences Presentation section. An authenticat...

PT-2025-40216

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.4.182+ 202104120910+6d1da174272d.61x Description The Linux kernel contains a flaw within the qed driver related to the qed mcp trace dump function. The qed mcp cmd and union function can cause delays exceeding ...

CVE-2020-6152

A code execution vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause an out-of-bounds write. An attacker can trigger this vulnerability by providing a victim with a malicious DICOM file...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...