746 matches found
CVE-2025-13698 Deciso OPNsense diag_backup.php filename Directory Traversal Arbitrary File Creation Vulnerability
Deciso OPNsense diagbackup.php filename Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Deciso OPNsense. Authentication is required to exploit this vulnerability. The specific fl...
CVE-2025-13716 Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability
Tencent MimicMotion createpipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent MimicMotion. User interaction is required to exploit this vulnerability in that the...
CVE-2025-13707
CVE-2025-13707 affects Tencent HunyuanDiT, specifically the model_resume function. The vulnerability arises from insufficient validation of user-supplied data, allowing deserialization of untrusted data and leading to remote code execution with root privileges. Exploitation requires user interact...
Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent MimicMotion. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent NeuralNLP-NeuralClassifier. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2025-12490
The CVE-2025-12490 entry describes a path traversal in Netgate pfSense CE Suricata that allows remote creation of arbitrary files with root privileges. The root cause is inadequate validation of a user-supplied path before file operations within the Suricata package, requiring authentication to e...
CVE-2025-12490 Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability
Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Netgate pfSense. Authentication is required to exploit this vulnerability. The specific flaw exists within the Suricata...
EUVD-2019-3823
Malware in sbrugna...
EUVD-2022-5262
Malicious code in bioql PyPI...
EUVD-2024-2746
Malicious code in bioql PyPI...
EUVD-2024-21353
Malicious code in bioql PyPI...
EUVD-2022-1860
Malicious code in bioql PyPI...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20289)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20424)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20419)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR libSystemLib Function OS Command Injection Vulnerability
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. An operating system command injection vulnerability exists in the Kenwood DMX958XR libSystemLib function, which can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20427)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20426)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Kenwood DMX958XR Command Injection Vulnerability (CNVD-2025-20425)
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...
Alpine iLX-507 Stack Buffer Overflow Vulnerability
The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...