CVE-2026-24182

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service...

EUVD-2026-31923

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service...

PT-2026-34089

Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS version 11.5 Description An incorrect privilege assignment issue exists in Windows and Linux environments. This allows highly privileged users to create developer credentials that may grant more privileges than expected...

CVE-2024-11604

CVE-2024-11604 concerns an issue in the OpenText IDM Driver and Extensions SCIM Driver module (Windows, Linux, 64-bit). The vulnerability arises from the insertion of sensitive information into log files, allowing authenticated local users to access sensitive data via log file contents. Affected ...

CVE-2026-24141

NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,...

EUVD-2026-15003

NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,...

CVE-2025-67711

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

CVE-2025-67703

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

CVE-2025-67709

CVE-2025-67709 describes a stored cross-site scripting (XSS) vulnerability in Esri ArcGIS Server 11.4 and earlier, where in some configurations a remote, unauthenticated attacker could store files containing malicious code that may execute in a victim’s browser. Affected product: Esri ArcGIS Serv...

CVE-2025-67706

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s architecture enforces controls that restrict uploaded...

PT-2025-54466

Name of the Vulnerable Software and Affected Versions Esri ArcGIS Server versions 11.4 and earlier Description A stored cross-site scripting issue exists in Esri ArcGIS Server. In certain setups, a remote, unauthenticated attacker can store files containing malicious code that could execute withi...

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 also referred to as React2Shell and includes CVE-2025-66478, which was merged into it is a critical pre-authentication remote code execution RCE vulnerability affecting React Server Components, Next.js, and related frameworks. With a CVSS score of 10.0, this vulnerability could all...

EUVD-2025-38266

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in GE Vernova Smallworld on Windows, Linux allows File Manipulation.This issue affects Smallworld: 5.3.5. and previous versions...

CVE-2025-23345

NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service. Mitigation Mitigation for this issue is either not...

EUVD-2014-2644

Malware in sbrugna...

EUVD-2024-23021

Malicious code in bioql PyPI...

EUVD-2025-29831

Malicious code in bioql PyPI...

EUVD-2023-12962

Malicious code in bioql PyPI...

Malicious code in colorinal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security aac66e0b739a7c06226108da151ee90cc6b406fcf287093e3ca4da4f5eebf79e This package is malicious and allows an attack remote code execution on Windows and Linux machines. The package termncolor uses colorinal ...

CVE-2025-23316

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code...