EUVD-2026-21647

The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9 This is due to insufficient input sanitization and output escaping in the gspbgreenShiftblockscriptassets function. The function uses...

EUVD-2012-4458

Malware in sbrugna...

EUVD-2024-51026

Malicious code in bioql PyPI...

CVE-2025-50611

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wlsecset5g and wlsecrpset5g in the payload, which can cause the program to crash and potentially...

GHSA-RRMF-RVHW-RF47 PyTorch is vulnerable to memory corruption through its torch.jit.script function

A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

CVE-2024-12652

CVE-2024-12652 affects Intumit SmartRobot’s Conversational AI Platform. A vulnerability in the groovy script function prior to v7.2.0 enables remote authenticated users to execute arbitrary system commands via Groovy code (Code Injection). This can impact availability, confidentiality, and integr...

CVE-2024-50636

PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can craft a malicious .PYM file containing a Python reverse shell payload and exploit the function to achieve Remote Command Execution RCE...

PT-2024-34371 · Schrödinger · Pymol

Name of the Vulnerable Software and Affected Versions: PyMOL version 2.5.0 Description: The issue arises from the "Run Script" function in PyMOL, which allows the execution of arbitrary Python code embedded within .PYM files. This enables attackers to craft malicious .PYM files containing Python...

DEBIAN-CVE-2023-32200

There is insufficient restrictions of called script functions in Apache Jena versions 4.8.0 and earlier. It allows a remote user to execute javascript via a SPARQL query. This issue affects Apache Jena: from 3.7.0 through 4.8.0...

SUSE CVE-2018-18544

There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31...

The vulnerability in the implementation of the grub_script_function_create() function of the Grub2 operating system allows a perpetrator to gain access to confidential data, affect the integrity of the data, and cause service failures.

The vulnerability of the grubscriptfunctioncreate function, which is part of the Grub2 operating system loader, stems from an error in function overriding. This function is already being executed. Exploiting this vulnerability could allow a perpetrator to access confidential data, compromise data...

grub2: Use-after-free redefining a function whilst the same function is already executing

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

grub2: Use-after-free redefining a function whilst the same function is already executing

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

ALPINE-CVE-2020-15706

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

KLA11093 Arbitrary code execution vulnerabilities in Foxit Reader

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user-supplied data in the saveAs Java script function can b...

PT-2012-5462 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.7.2 Description: The issue concerns the load script function in fs/binfmt script.c, which does not properly handle recursion. This allows local users to obtain sensitive information from kernel stack memory vi...

Lunascape may insecurely load executable files

Overview Lunascape may use unsafe methods for determining how to load executables .exe. Lunascape is a web browser. Lunascape loads certain executables when using the "script" function. Lunascape contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki...