Lucene search
K

551 matches found

Vulnrichment
Vulnrichment
added 2025/07/08 4:57 p.m.4 views

CVE-2025-49672 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

8.8CVSS7.2AI score0.00805EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/07 2:51 p.m.9 views

CVE-2025-6794 Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw...

9.8CVSS0.01425EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.3 views

PT-2025-27276 · Marvell · Marvell Qconvergeconsole

Name of the Vulnerable Software and Affected Versions: Marvell QConvergeConsole affected versions not specified Description: The issue concerns a deserialization of untrusted data remote code execution vulnerability in the readObjectFromConfigFile function. This allows for remote code execution...

8.2AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/26 2:40 p.m.7 views

CVE-2025-53002 LLaMA-Factory Remote Code Execution (RCE) Vulnerability

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the vheadfile is loaded without proper safeguards,...

8.3CVSS8.6AI score0.0103EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/06/26 2:40 p.m.15 views

CVE-2025-53002 LLaMA-Factory Remote Code Execution (RCE) Vulnerability

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the vheadfile is loaded without proper safeguards,...

8.3CVSS0.0103EPSS
Exploits1References3
CVE
CVE
added 2025/06/26 2:40 p.m.41 views

CVE-2025-53002

Summary of CVE-2025-53002 (LLaMA-Factory) : A remote code execution vulnerability was reported in LLaMA-Factory up to version 0.9.3 during training. The root cause is loading the vhead_file without the secure parameter weights_only=True, enabling an attacker to execute arbitrary code by supplying...

9.8CVSS8.6AI score0.0103EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/06/26 2:40 p.m.6 views

CVE-2025-53002 LLaMA-Factory Remote Code Execution (RCE) Vulnerability

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the vheadfile is loaded without proper safeguards,...

8.3CVSS8.2AI score0.0103EPSS
Exploits1References5
NVD
NVD
added 2025/06/26 2:15 p.m.4 views

CVE-2025-49003

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threa...

9.8CVSS0.00808EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/26 1:51 p.m.2 views

CVE-2025-49003 Dataease H2 JDBC Connection Remote Code Execution

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threa...

9.3CVSS7.8AI score0.00808EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/25 9:42 p.m.22 views

CVE-2025-6647 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

7.8CVSS0.00233EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/06/25 12:0 a.m.5 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.2AI score0.00233EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.5 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS8.1AI score0.07935EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.2 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS9.9AI score0.01024EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:27 p.m.8 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00755EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.5 views

PT-2025-25304 · Apache · Apache Struts

Name of the Vulnerable Software and Affected Versions: Apache Struts affected versions not specified Description: The issue concerns a remote code execution vulnerability. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...

7.4AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/10 5:2 p.m.7 views

CVE-2025-47166 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

8.8CVSS7.2AI score0.12606EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/06/10 5:2 p.m.19 views

CVE-2025-47164 Microsoft Office Remote Code Execution Vulnerability

...

8.4CVSS0.00563EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/10 5:2 p.m.7 views

CVE-2025-33071 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability

...

8.1CVSS7.2AI score0.13548EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/10 5:2 p.m.6 views

CVE-2025-33066 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

8.8CVSS7.2AI score0.00951EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2025/06/10 7:0 a.m.17 views

Description of the security update for Word 2016: June 10, 2025 (KB5002710)

Description of the security update for Word 2016: June 10, 2025 KB5002710 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...

7.8CVSS7.2AI score0.0056EPSS
Exploits0
Rows per page
Query Builder