CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32375 – Insecure Deserialization leads to RCE in BentoML's runner server
https://notcve.org/view.php?id=CVE-2025-32375
09 Apr 2025 — By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server. • https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.9EPSS: 0%CPEs: 4EXPL: 0CVE-2025-29988
https://notcve.org/view.php?id=CVE-2025-29988
09 Apr 2025 — A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution. • https://www.dell.com/support/kbdoc/en-in/000283859/dsa-2025-088 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1045 – Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1045
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1046 – Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1046
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1047 – Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1047
09 Apr 2025 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1048 – Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1048
09 Apr 2025 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. ... An attacker can leverage this vulnerability to execute code in the context of the anacapa user. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1049 – Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1049
09 Apr 2025 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. ... An attacker can leverage this vulnerability to execute code in the context of the anacapa user. •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1050 – Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1050
09 Apr 2025 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. ... An attacker can leverage this vulnerability to execute code in the context of the anacapa user. •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-30640 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-30640
09 Apr 2025 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Trend Micro Anti-Malware Solution Platform. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-30641 – Trend Micro Deep Security Anti-Malware Solution Platform Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-30641
09 Apr 2025 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Anti-Malware Solution Platform. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •