7.8
CVE-2025-9457 - PRT File Parsing Memory Corruption Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
7.8
CVE-2025-9456 - SLDPRT File Parsing Memory Corruption Vulnerability
A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
5
CVE-2025-66407 - Weblate has Server-Side Request Forgery vulnerability
Weblate is a web based localization tool. The Create Component functionality in Weblate allows authorized users to add new translation components by specifying both a version control system and a source code repository URL to pull from. However, prior to version 5.15, the repository URL field is noβ¦
7.8
CVE-2025-9455 - CATPRODUCT File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-9454 - PRT File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-9453 - PRT File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-9452 - SLDPRT File Parsing Memory Corruption Vulnerability
A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
5.3
CVE-2025-14731 - CTCMS Content Management System Frontend/Template Management CT_Parser.php special elements used inβ¦
A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CT_Parser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a temβ¦
7.8
CVE-2025-14593 - CATPART File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
6.9
CVE-2025-66482 - Misskey has a login rate limit bypass via spoofed X-Forwarded-For header
Misskey is an open source, federated social media platform. Attackers who use an untrusted reverse proxy or not using a reverse proxy at all can bypass IP rate limiting by adding a forged X-Forwarded-For header. Starting with version 2025.9.1, an option (`trustProxy`) has been added in config file β¦