MAL-2025-18169 Malicious code in decrypt-simulate-socket-omicron-tree (npm)

The package decrypt-simulate-socket-omicron-tree was found to contain malicious code...

DEBIAN-CVE-2025-38408

In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise the pointers contain random content...

kernel: arm64: probes: Remove broken LDR (literal) uprobe support

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR literal uprobe support The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with...

PT-2024-9974 · Autodesk · Autodesk Navisworks Manage +2

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks Freedom affected versions not specified Autodesk Navisworks Simulate affected versions not specified Autodesk Navisworks Manage affected versions not specified Description: A maliciously crafted DWFX file, when parsed...

PT-2024-9972 · Autodesk · Autodesk Navisworks Manage +2

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks Freedom affected versions not specified Autodesk Navisworks Simulate affected versions not specified Autodesk Navisworks Manage affected versions not specified Description: A maliciously crafted DWF file, when parsed throu...

AZL-52578 CVE-2024-50099 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR literal uprobe support The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with...

Autodesk Navisworks Simulate Installed (Windows)

Binary data autodesknavisworkssimulatewininstalled.nbin...

cauuu (>=0.1.0 <=0.1.1), cosmwasm-simulate (>=0.13.2 <=0.13.6) +10 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=0.9.4)

cosmwasm-vm CARGO version =0.10.1, =0.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 - terraswap =1.0.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0366...

BIT-ELASTICSEARCH-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

SUSE CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

CVE-2023-46673

A flaw was found in Elasticsearch. A malicious script used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Mitigation No mitigation is yet available for this flaw...

GHSA-285M-VHFQ-XX4H Elasticsearch Improper Handling of Exceptional Conditions

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

Elasticsearch Improper Handling of Exceptional Conditions

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

UBUNTU-CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

Code injection

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

CVE-2023-46673

CVE-2023-46673 affects Elastic Elasticsearch. Malformed scripts in the script processor of an Ingest Pipeline can cause an Elasticsearch node to crash when calling the Simulate Pipeline API, enabling a denial of service. The vulnerability is tied to the Simulate Pipeline API handling and may impa...

Elasticsearch 7.17.14 / 8.10.3 Security Update (ESA-2023-24)

Elasticsearch Improper Handling of Exceptional Conditions ESA-2023-24 It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Affected Versions: Elasticsearch versions on or afte...

PT-2023-30154 · Unknown · Elasticsearch

Name of the Vulnerable Software and Affected Versions: Elasticsearch affected versions not specified Description: The issue arises from malformed scripts used in the script processor of an Ingest Pipeline, which can cause an Elasticsearch node to crash when calling the "Simulate Pipeline API"...