CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27781 – Applio allows unsafe deserialization in inference.py
https://notcve.org/view.php?id=CVE-2025-27781
19 Mar 2025 — The issue can lead to remote code execution. • https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/tabs/inference/inference.py#L325 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27780 – Applio allows unsafe deserialization in model_information.py
https://notcve.org/view.php?id=CVE-2025-27780
19 Mar 2025 — The issue can lead to remote code execution. • https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/rvc/train/process/model_information.py#L16 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53967 – Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53967
19 Mar 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53968 – Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53968
19 Mar 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53969 – Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53969
19 Mar 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29783 – vLLM Allows Remote Code Execution via Mooncake Integration
https://notcve.org/view.php?id=CVE-2025-29783
19 Mar 2025 — This is a remote code execution vulnerability impacting any deployments using Mooncake to distribute KV across distributed hosts. • https://github.com/vllm-project/vllm/commit/288ca110f68d23909728627d3100e5a8db820aa2 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50631 – Synology BeeStation BST150-4T SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-50631
19 Mar 2025 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T devices. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_21 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50629 – Synology BeeStation BST150-4T CRLF Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-50629
19 Mar 2025 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11131 – Synology TC500 ONVIF Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11131
19 Mar 2025 — This allows remote attackers to execute arbitrary code via unspecified vectors. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology TC500 cameras. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_24 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-10442 – Synology DiskStation DS1823xs+ Replication Service Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-10442
19 Mar 2025 — Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to execute arbitrary code, potentially leading to a broader impact across the system via unspecified vectors. ... This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation DS1823xs+ devices. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_22 • CWE-193: Off-by-one Error •