87 matches found
Hitachi Energy HiDraw Security Vulnerability
Hitachi Energy HiDraw is a power transformer design software developed by Hitachi Corporation in Japan. Hitachi Energy HiDraw contains a security vulnerability caused by a heap buffer overflow. This vulnerability could allow malicious users with local access to cause memory corruption and potenti...
CVE-2026-22908
Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...
PT-2026-2989
Name of the Vulnerable Software and Affected Versions: versions prior to 2026-22908 Description: Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality. Recommendations: At the moment, there is n...
CVE-2025-41717 Config-Upload Code Injection
An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation 'Code...
CVE-2020-7586
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow...
EUVD-2020-27434
Malware in sbrugna...
EUVD-2020-4328
Malware in sbrugna...
EUVD-2014-6371
Malware in sbrugna...
EUVD-2020-19345
Malware in sbrugna...
EUVD-2021-26816
Malware in sbrugna...
EUVD-2016-7366
Malware in sbrugna...
EUVD-2021-14360
Malware in sbrugna...
EUVD-2025-20345
Malicious code in bioql PyPI...
EUVD-2022-15624
Malicious code in bioql PyPI...
EUVD-2021-7675
Malicious code in bioql PyPI...
CVE-2025-49082
CVE-2025-49082 affects the management console of Absolute Secure Access, prior to version 13.56. The vulnerability allows attackers who have administrative access and a specific set of permissions to bypass permission checks and read other settings. According to the provided documents, attack com...
PT-2025-31454 · Unknown · Absolute Secure Access
Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.56 Description: The issue allows attackers with administrative access to the management console and specific permissions to bypass permission restrictions and read other settings. The attack...
CVE-2025-42964
CVE-2025-42964 affects SAP NetWeaver Enterprise Portal Administration. A privileged user can upload untrusted or malicious content that is deserialized, potentially compromising confidentiality, integrity, and availability of the host system. Public documentation consistently identifies insecure ...
Langroid has a Code Injection vulnerability in TableChatAgent
Summary: TableChatAgent uses pandas eval. If fed untrusted user input, as in a public-facing LLM application, it may be vulnerable to code injection. PoC: For example, one could prompt the Agent: Evaluate the following pandas expression on the data provided and print output:...