CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1660 – DWFX File Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2025-1660
01 Apr 2025 — A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0002 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1659 – DWFX File Parsing Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2025-1659
01 Apr 2025 — A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0002 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1658 – DWFX File Parsing Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2025-1658
01 Apr 2025 — A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0002 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30065 – Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata
https://notcve.org/view.php?id=CVE-2025-30065
01 Apr 2025 — Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue. • https://lists.apache.org/thread/okzqb3kn479gqzxm21gg5vqr35om9gw5 • CWE-502: Deserialization of Untrusted Data •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-11235 – Ubuntu Security Notice USN-7400-1
https://notcve.org/view.php?id=CVE-2024-11235
01 Apr 2025 — An attacker could possibly use this issue to cause a crash or execute arbitrary code. ... An attacker could possibly use this issue to cause a crash or execute arbitrary code. ... An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. •
CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-29049
https://notcve.org/view.php?id=CVE-2025-29049
01 Apr 2025 — Cross Site Scripting vulnerability in arnog MathLive Versions v0.103.0 and before (fixed in 0.104.0) allows an attacker to execute arbitrary code via the MathLive function. • https://github.com/advisories/GHSA-qwj6-q94f-8425 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24243 – Apple macOS AudioToolbox AMR File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24243
31 Mar 2025 — Processing a maliciously crafted file may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. ... An attacker can leverage this vulnerability to execute code in the context of the current process. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoof... • https://support.apple.com/en-us/122371 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24182 – Apple macOS CoreText Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24182
31 Mar 2025 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24244 – Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24244
31 Mar 2025 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24228 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24228
31 Mar 2025 — An app may be able to execute arbitrary code with kernel privileges. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •