Lucene search
K

7657 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/03/08 12:0 a.m.14 views

Dassault Systèmes eDrawings DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.8AI score0.00322EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/03/08 12:0 a.m.17 views

Dassault Systèmes eDrawings SLDDRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.8AI score0.00355EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/03/08 12:0 a.m.13 views

Dassault Systèmes eDrawings SAT File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.8AI score0.00338EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.22 views

Slackware: Security Advisory (SSA:2024-067-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.03236EPSS
Exploits3References2
Slackware Linux
Slackware Linux
added 2024/03/05 9:23 p.m.29 views

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.8.1-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...

7.5CVSS7.1AI score0.00682EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2024/03/05 12:0 a.m.9 views

(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2024/03/05 12:0 a.m.9 views

(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2024/03/05 12:0 a.m.11 views

(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2024/03/04 12:0 a.m.18 views

Delta Electronics CNCSoft-B DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.9AI score0.00739EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/03/01 12:0 a.m.16 views

Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

3.3CVSS6.3AI score0.00377EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/29 4:35 p.m.35 views

CVE-2024-20765 ZDI-CAN-22674: Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.9AI score0.00562EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.7 views

Adobe InDesign 代码问题漏洞

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from a null pointer dereference vulnerability that can be exploited by an attacker to implement an application denial of service in the context of the current user...

5.5CVSS6.6AI score0.00313EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/02/29 12:0 a.m.13 views

Slackware: Security Advisory (SSA:2024-059-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01177EPSS
Exploits0References3
Slackware Linux
Slackware Linux
added 2024/02/28 6:40 p.m.51 views

[slackware-security] wpa_supplicant

New wpasupplicant packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/wpasupplicant-2.10-i586-2slack15.0.txz: Rebuilt. Patched the implementation of PEAP in wpasupplicant to prevent an...

6.5CVSS7.2AI score0.01177EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/02/28 9:15 a.m.5 views

CVE-2021-47015

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware bug a...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2024/02/27 12:0 a.m.20 views

Slackware: Security Advisory (SSA:2024-057-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.01536EPSS
Exploits1References3
Slackware Linux
Slackware Linux
added 2024/02/26 8:17 p.m.35 views

[slackware-security] openjpeg

New openjpeg packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openjpeg-2.5.1-i586-1slack15.0.txz: Upgraded. Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in sycc420torgb when...

7.8CVSS8.6AI score0.01536EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2024/02/23 12:0 a.m.18 views

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00403EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/23 12:0 a.m.26 views

PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00393EPSS
Exploits0References1
NVD
NVD
added 2024/02/22 5:15 a.m.13 views

CVE-2024-23134

A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

7.8CVSS6.8AI score0.00488EPSS
Exploits0References3
Rows per page
Query Builder