7.5
CVE-2024-48858 - Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.
7.5
CVE-2024-48857 - Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.
7.8
CVE-2025-21134 - Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2025-21133 - Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
9.8
CVE-2024-48856 - Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.
9.1
CVE-2024-49375 - Remote Code Execution via Remote Model Loading in Rasa
Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API must be enabled on theβ¦
5.3
CVE-2024-48855 - Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.
7.8
CVE-2025-21129 - Substance3D - Stager | Heap-based Buffer Overflow (CWE-122)
Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2025-21132 - Substance3D - Stager | Out-of-bounds Write (CWE-787)
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2025-21130 - Substance3D - Stager | Out-of-bounds Write (CWE-787)
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.