7657 matches found
CVE-2024-23129 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of th...
CVE-2024-23126
A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
Autodesk AutoCAD Buffer Error Vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD. An attacker could exploit this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the current process environmen...
Autodesk AutoCAD Security Vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD. An attacker can exploit the vulnerability to execute code in the current process...
Autodesk AutoCAD Resource Management Error Vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD. An attacker can exploit the vulnerability to execute code in the current process...
Slackware: Security Advisory (SSA:2024-052-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.8.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SK...
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SK...
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server. The specific flaw exists within the getParams method...
PT-2024-21184 · Churchcrm · Churchcrm
Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.5.0 Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, that can be exploited via the CurrentFundraiser GET parameter in the FRBidSheets.php file. Recommendations: For ChurchCRM...
Slackware: Security Advisory (SSA:2024-051-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-20728
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-20744 Adobe Substance 3D Paint PICT Parsing Access Violation Write Vulnerability
Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
Adobe Acrobat Reader Resource Management Error Vulnerability
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A resource management error vulnerability previously existed in Adobe Acrobat Reader versions 20.005.30539 and 23.008.20470. An attacker could exploit this...
Adobe Substance 3D Painter 缓冲区错误漏洞
Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance 3D Painter 9.1.1 and prior versions, which stems from the presence of an out-of-bounds write that could lead to the execution of arbitrary co...
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Slackware: Security Advisory (SSA:2024-044-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] dnsmasq
New dnsmasq packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/dnsmasq-2.90-i586-1slack15.0.txz: Upgraded. Add limits on the resources used to do DNSSEC validation. For more information, see:...