Total
307526 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32061 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21566) | ||||
| CVE-2024-32062 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21568) | ||||
| CVE-2024-32063 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21573) | ||||
| CVE-2024-32064 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21575) | ||||
| CVE-2024-32065 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21577) | ||||
| CVE-2024-32066 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21578) | ||||
| CVE-2025-40764 | 1 Siemens | 1 Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2025-40762 | 1 Siemens | 1 Simcenter Femap | 2025-08-20 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted STP file. This could allow an attacker to execute code in the context of the current process.(ZDI-CAN-26692) | ||||
| CVE-2024-31853 | 1 Siemens | 1 Sicam Toolbox Ii | 2025-08-20 | 8.1 High |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could allow an attacker to execute an on-path network (MitM) attack. | ||||
| CVE-2024-31854 | 1 Siemens | 1 Sicam Toolbox Ii | 2025-08-20 | 8.1 High |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value. This could allow an attacker to execute an on-path network (MitM) attack. | ||||
| CVE-2025-9176 | 2025-08-20 | 5.3 Medium | ||
| A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-9175 | 2025-08-20 | 5.3 Medium | ||
| A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used. | ||||
| CVE-2025-9174 | 2025-08-20 | 5.3 Medium | ||
| A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-7777 | 1 Redhat | 1 Mirror Registry | 2025-08-20 | 6.5 Medium |
| The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns. | ||||
| CVE-2024-27239 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Workplace and 2 more | 2025-08-20 | 4.3 Medium |
| Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-27245 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Workplace and 2 more | 2025-08-20 | 4.3 Medium |
| Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-27246 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Workplace and 2 more | 2025-08-20 | 4.3 Medium |
| Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2025-54007 | 2025-08-20 | 8.8 High | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Object Injection. This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.3.11. | ||||
| CVE-2024-40536 | 1 Szlbt | 2 Lbt-t300-t400, Lbt-t300-t400 Firmware | 2025-08-20 | 5.3 Medium |
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function. | ||||
| CVE-2024-40535 | 1 Szlbt | 2 Lbt-t300-t400, Lbt-t300-t400 Firmware | 2025-08-20 | 9.8 Critical |
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a stack overflow via the apn_name_3g parameter in the config_3g_para function. | ||||