73 matches found
CVE-2025-64468
CVE-2025-64468 describes a use-after-free in NI LabVIEW’s sentry!sentry_span_set_data() when parsing a corrupted VI file. This could lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, and affects LabVIEW 2025 Q3 (25.3) and...
CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...
CVE-2025-64463 Out-of-Bounds Read in LVResource::DetachResource() in NI LabVIEW
There is an out of bounds read vulnerability in NI LabVIEW in LVResource::DetachResource when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...
GHSA-RX48-GQC2-4W47 Liferay Portal reflected cross-site scripting (XSS) vulnerability in the google_gaget
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q3.0 through 2025.Q3.2, 2025.Q2.0 through 2025.Q2.12, 2025.Q1.0 through 2025.Q1.17, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13,...
Liferay Portal和Liferay DXP 访问控制错误漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
EUVD-2020-9327
Malware in sbrugna...
EUVD-2014-1175
Malware in sbrugna...
EUVD-2024-33503
Malicious code in bioql PyPI...
CVE-2025-43777
CVE-2025-43777 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP versions 2025.Q1.0–2025.Q2.9 (and earlier 2024.Q1.1–2024.Q4.7, 2024.Q2.0–2024.Q2.13, 2024.Q3.0–2024.Q3.13). The issue: an Internal Server Error is exposed in the login response when a request uses a deleted Client Secret. Root ...
CVE-2024-10495
An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects...
CVE-2024-10496 Out of bounds read in BuildFontMap in fontmgr.cpp in NI LabVIEW
An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q...
CVE-2024-10496
CVE-2024-10496 concerns NI LabVIEW, where an out-of-bounds read arises from improper input validation in the function BuildFontMap (fontmgr.cpp). Affected product/version: LabVIEW 2024 Q3 and earlier. Impact stated in sources: disclosure of information or arbitrary code execution if a user opens ...
CVE-2024-10495
CVE-2024-10495 concerns an out-of-bounds read in NI LabVIEW’s font loading: fontmgr.cpp font table loading can disclose information or allow arbitrary code execution. Exploitation requires a user to open a specially crafted VI, affecting LabVIEW 2024 Q3 and earlier. Connected sources also referen...
APT trends report Q3 2024
Kaspersky's Global Research and Analysis Team GReAT has been releasing quarterly summaries of advanced persistent threat APT activity for over seven years now. Based on our threat intelligence research, these summaries offer a representative overview of what we've published and discussed in more...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
Progress Software Telerik Report Server 安全漏洞
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A security vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806 that stems from an improper limit on the number ...
Progress Software Telerik Report Server 资源管理错误漏洞
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software, Inc. A resource management error vulnerability exists in versions prior to Progress Software Telerik Report Server 2024 Q3 10.2.24.806, which originates from an HTTP...
VulnCheck KEV: CVE-2024-7679
In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...