22 matches found
EUVD-2019-2230
Malware in sbrugna...
EUVD-2019-8049
Malware in sbrugna...
EUVD-2024-39213
Malicious code in bioql PyPI...
EUVD-2022-24922
Malicious code in bioql PyPI...
EUVD-2022-42481
Malicious code in bioql PyPI...
EUVD-2021-29679
Malicious code in bioql PyPI...
EUVD-2024-47144
Malicious code in bioql PyPI...
EUVD-2022-15478
Malicious code in bioql PyPI...
CVE-2025-53906
Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...
CVE-2025-53905
CVE-2025-53905 affects Vim where, prior to version 9.1.1552, the tar.vim plugin is vulnerable to a path traversal in crafted tar archives. This can allow overwriting arbitrary files when a user opens such archives; exploitation is feasible only with user interaction. Affected behavior includes po...
CVE-2025-53905 Vim has path traversial issue with tar.vim and special crafted tar files
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
PT-2025-24923 · Adobe · Acrobat Reader
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to...
About Spoofing – Windows NTLM (CVE-2025-24054) vulnerability
About Spoofing - Windows NTLM CVE-2025-24054 vulnerability. It was patched in the March Microsoft Patch Tuesday. VM vendors didn't mention this vulnerability in their reviews; it was only known to be exploited via user interaction with a malicious file. A month later, on April 16, Check Point...
CVE-2022-37381
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2024-41862
Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
CVE-2023-26374 ZDI-CAN-20045: Adobe Dimension USD File Parsing Out-Of-Bounds Read Memory leak Vulnerability
Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...
ASB-A-252762941
In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-0463
Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction...
CVE-2021-27471 Rockwell Automation Connected Components Workbench Path Traversal
The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. If successfull...
CVE-2022-0296
Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page...