Lucene search
K

73 matches found

CVE
CVE
added 2025/12/18 2:50 p.m.23 views

CVE-2025-64468

CVE-2025-64468 describes a use-after-free in NI LabVIEW’s sentry!sentry_span_set_data() when parsing a corrupted VI file. This could lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, and affects LabVIEW 2025 Q3 (25.3) and...

8.5CVSS6.9AI score0.00132EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/18 2:28 p.m.19 views

CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW

There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

8.5CVSS0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 2:28 p.m.3 views

CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW

There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

8.5CVSS6.8AI score0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 9:33 p.m.4 views

GHSA-RX48-GQC2-4W47 Liferay Portal reflected cross-site scripting (XSS) vulnerability in the google_gaget

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q3.0 through 2025.Q3.2, 2025.Q2.0 through 2025.Q2.12, 2025.Q1.0 through 2025.Q1.17, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13,...

6.9CVSS5.9AI score0.00224EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.8 views

Liferay Portal和Liferay DXP 访问控制错误漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...

6.9CVSS6.9AI score0.00164EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.4 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.4CVSS6.4AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.5 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

4.8CVSS6.4AI score0.00264EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-9327

Malware in sbrugna...

5.3CVSS5.6AI score0.01438EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1175

Malware in sbrugna...

8.8CVSS8.6AI score0.03412EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-33503

Malicious code in bioql PyPI...

8.4CVSS6.5AI score0.00194EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 3:0 a.m.22 views

CVE-2025-43777

CVE-2025-43777 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP versions 2025.Q1.0–2025.Q2.9 (and earlier 2024.Q1.1–2024.Q4.7, 2024.Q2.0–2024.Q2.13, 2024.Q3.0–2024.Q3.13). The issue: an Internal Server Error is exposed in the login response when a request uses a deleted Client Secret. Root ...

5.3CVSS6.4AI score0.00216EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2024/12/10 4:15 p.m.23 views

CVE-2024-10495

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects...

8.4CVSS0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 3:55 p.m.25 views

CVE-2024-10496 Out of bounds read in BuildFontMap in fontmgr.cpp in NI LabVIEW

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q...

8.4CVSS0.00194EPSS
Exploits0References1
CVE
CVE
added 2024/12/10 3:55 p.m.83 views

CVE-2024-10496

CVE-2024-10496 concerns NI LabVIEW, where an out-of-bounds read arises from improper input validation in the function BuildFontMap (fontmgr.cpp). Affected product/version: LabVIEW 2024 Q3 and earlier. Impact stated in sources: disclosure of information or arbitrary code execution if a user opens ...

8.4CVSS7.7AI score0.00194EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/10 3:52 p.m.78 views

CVE-2024-10495

CVE-2024-10495 concerns an out-of-bounds read in NI LabVIEW’s font loading: fontmgr.cpp font table loading can disclose information or allow arbitrary code execution. Exploitation requires a user to open a specially crafted VI, affecting LabVIEW 2024 Q3 and earlier. Connected sources also referen...

8.4CVSS7.7AI score0.00194EPSS
Exploits0References1Affected Software1
Securelist
Securelist
added 2024/11/28 10:0 a.m.23 views

APT trends report Q3 2024

Kaspersky's Global Research and Analysis Team GReAT has been releasing quarterly summaries of advanced persistent threat APT activity for over seven years now. Based on our threat intelligence research, these summaries offer a representative overview of what we've published and discussed in more...

7.8CVSS7.5AI score0.11977EPSS
Exploits2
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.3 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

9CVSS7.6AI score0.00594EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

Progress Software Telerik Report Server 安全漏洞

Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A security vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806 that stems from an improper limit on the number ...

8.8CVSS6.6AI score0.00317EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.3 views

Progress Software Telerik Report Server 资源管理错误漏洞

Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A resource management error vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806, which originates from an HTTP...

7.5CVSS6.6AI score0.00312EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/10/07 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-7679

In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...

7.8CVSS5.7AI score0.00744EPSS
Exploits0References1
Rows per page
Query Builder