146 matches found
EUVD-2025-209785
The affected applications contains a memory corruption vulnerability while parsing specially crafted IPT files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-27349, ZDI-CAN-27389...
CVE-2026-32175
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the...
EUVD-2025-208735
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment. This may expose the application to potential security risks, including unintended behaviour or integrity impact when processing specially crafted files...
EUVD-2018-20443
Malware in sbrugna...
EUVD-2012-5524
Malware in sbrugna...
EUVD-2024-23547
Malicious code in bioql PyPI...
EUVD-2023-51691
Malicious code in bioql PyPI...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-18823)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which is caused by free use when opening specially crafted files. An attacker can exploit the vulnerability to execute arbitrary code on the syste...
CLSA-2025-1753207126 nginx: Fix of 2 CVEs
CVE-2022-41741: fix vulnerability in ngxhttpmp4module leading to potential memory corruption and termination by improving module handling of specially crafted audio/video files - CVE-2022-41742: fix module ngxhttpmp4module vulnerability to prevent worker process crash and memory disclosure from...
Rockwell Automation Arena Code Execution Vulnerability (CNVD-2025-19255)
Rockwell Automation Arena is a discrete-event simulation software developed by Rockwell Automation for a wide range of manufacturing, logistics, and service industries. A code execution vulnerability exists in Rockwell Automation Arena, which is caused by out-of-bounds writes to specially crafted...
CVE-2020-1223
A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file.The update addresses the vulnerability by correcting how Microsoft Word...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and Apple iPadOS, which stems from the handling of specially...
CVE-2024-54094
A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 5. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
CVE-2024-2637 Insecure Loading of Code in B&R Products
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R...
USN-6756-1 less vulnerability
It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands on the host...
Keyence KV STUDIO和Keyence KV REPLAY VIEWER 安全漏洞
Keyence KV STUDIO and Keyence KV REPLAY VIEWER are both products of Keyence Corporation of China.Keyence KV STUDIO is a PLC programming software.Keyence KV REPLAY VIEWER is a computer program. A security vulnerability exists in Keyence KV STUDIO version 11.64 and earlier, and Keyence KV REPLAY...
Security Bulletin: Security vulnerabilities in Apache Commons Compress affects IBM License Metric Tool v9.
Summary There are vulnerabilities in Apache Commons Compress library that is used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw. By persuading a victim to open a...
The vulnerability of Siemens Solid Edge, a tool for design and simulation, relates to buffer overflow attacks, allowing an attacker to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created PAR files...
Out-of-bounds
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0009, Tecnomatix Plant Simulation V2302 All versions V2302.0003. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. Th...
XZ 安全漏洞
xz is a software application. It is used to support reading and writing xz compressed streams. A security vulnerability exists in XZ Utils version 5.2.5, which stems from a vulnerability that allows an attacker to cause a denial of service by unzipping specially crafted files...