31680 matches found
CVE-2025-6375
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...
CVE-2025-47293 PowSyBl Core XML Reader allows XXE and SSRF
PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity XXE attack and to a server-side request forgery SSRF attack. This allows an attacker to elevate their...
CVE-2025-47293
CVE-2025-47293 concerns PowSyBl (Power System Blocks) where powsybl-core XML parsing via com.powsybl.commons.xml.XmlReader is vulnerable to XXE and SSRF. The root cause is treating XmlReader as trusted when untrusted XML (CGMES/XIIDM) is submitted, allowing privilege escalation to read sensitive ...
DEBIAN-CVE-2025-6275
A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local...
CVE-2025-6275 WebAssembly wabt binary-reader-interp.cc GetFuncOffset use after free
A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local...
CVE-2025-6275
CVE-2025-6275 concerns WebAssembly wabt up to 1.0.37. The vulnerability affects the function GetFuncOffset in src/interp/binary-reader-interp.cc, where manipulation can lead to a use-after-free. It permits a local attack, with at least one public disclosure of an exploit. Connected sources consis...
DEBIAN-CVE-2025-6274
A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. The manipulation leads to resource consumption. Attacking locally is a requirement. The exploit has been disclose...
DEBIAN-CVE-2025-6273
A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to reachable assertion. Local access is required to approach this attack. The exploit has been...
UBUNTU-CVE-2025-6273
A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to reachable assertion. Local access is required to approach this attack. The exploit has been...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the com.powsybl.commons.xml.XmlReader class. An attacker can access sensitive files or internal resources by submitting specially crafted XML input. Note: This is only exploitable if untrusted users...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the com.powsybl.commons.xml.XmlReader class. An attacker can access sensitive files or internal resources by submitting specially crafted XML input. Note: This is only exploitable if untrusted users...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the com.powsybl.commons.xml.XmlReader class. An attacker can access sensitive files or internal resources by submitting specially crafted XML input. Note: This is only exploitable if untrusted users...
GHSA-QPJ9-QCWX-8JV2 PowSyBl Core XML Reader allows XXE and SSRF
Impact What kind of vulnerability is it? Who is impacted? In certain places, powsybl-core XML parsing is vulnerable to an XXE attack and in on place also to an SSRF attack. This allows an attacker to elevate their privileges to read files that they do not have permissions to, including sensitive...
PowSyBl Core XML Reader allows XXE and SSRF
Impact What kind of vulnerability is it? Who is impacted? In certain places, powsybl-core XML parsing is vulnerable to an XXE attack and in on place also to an SSRF attack. This allows an attacker to elevate their privileges to read files that they do not have permissions to, including sensitive...
WebAssembly wabt 资源管理错误漏洞
WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A resource management error vulnerability exists in WebAssembly wabt 1.0.37 and earlier versions, which stems from a resource consumption in the function OnDataCount in the file src/interp/binary-reader-interp.cc...
WebAssembly wabt 资源管理错误漏洞
WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A resource management error vulnerability exists in WebAssembly wabt 1.0.37 and earlier versions, which stems from post-release reuse of the function GetFuncOffset in the file src/interp/binary-reader-interp.cc...
WebAssembly wabt 安全漏洞
WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A security vulnerability exists in WebAssembly wabt 1.0.37 and earlier versions, which originates from a reachable assertion in the function LogOpcode in the file src/binary-reader-objdump.cc...
Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13320)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...
Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13319)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...
Adobe Acrobat Reader Memory Misreference Vulnerability (CNVD-2025-13318)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. A memory misreference vulnerability exists in Adobe Acrobat Reader, which can be exploited by an attacker to execute code on the system or cause the application to...