Lucene search
K

7657 matches found

Cvelist
Cvelist
added 2024/02/22 3:24 a.m.32 views

CVE-2024-23129 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of th...

7.8CVSS7.5AI score0.00401EPSS
Exploits0References3
NVD
NVD
added 2024/02/22 3:15 a.m.17 views

CVE-2024-23126

A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS6.9AI score0.00418EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.6 views

Autodesk AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD. An attacker could exploit this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the current process environmen...

7.8CVSS7.5AI score0.00418EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.4 views

Autodesk AutoCAD Security Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD. An attacker can exploit the vulnerability to execute code in the current process...

7.8CVSS7.2AI score0.00439EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.3 views

Autodesk AutoCAD Resource Management Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD. An attacker can exploit the vulnerability to execute code in the current process...

7.8CVSS7.2AI score0.00488EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/02/22 12:0 a.m.18 views

Slackware: Security Advisory (SSA:2024-052-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.00937EPSS
Exploits1References12
Slackware Linux
Slackware Linux
added 2024/02/21 8:4 p.m.31 views

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.8.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

8.1CVSS7AI score0.00937EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2024/02/21 12:0 a.m.15 views

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SK...

7.8CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/21 12:0 a.m.11 views

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SK...

7.8CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/21 12:0 a.m.18 views

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server. The specific flaw exists within the getParams method...

8.8CVSS7.4AI score0.01386EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.4 views

PT-2024-21184 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.5.0 Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, that can be exploited via the CurrentFundraiser GET parameter in the FRBidSheets.php file. Recommendations: For ChurchCRM...

7.5CVSS8.2AI score0.00578EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/02/21 12:0 a.m.20 views

Slackware: Security Advisory (SSA:2024-051-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.00937EPSS
Exploits1References12
OSV
OSV
added 2024/02/15 1:15 p.m.0 views

CVE-2024-20728

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.02791EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/15 10:12 a.m.20 views

CVE-2024-20744 Adobe Substance 3D Paint PICT Parsing Access Violation Write Vulnerability

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.3AI score0.00239EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/15 12:0 a.m.17 views

Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00318EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/15 12:0 a.m.4 views

Adobe Acrobat Reader Resource Management Error Vulnerability

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A resource management error vulnerability previously existed in Adobe Acrobat Reader versions 20.005.30539 and 23.008.20470. An attacker could exploit this...

7.8CVSS7.4AI score0.03389EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/15 12:0 a.m.6 views

Adobe Substance 3D Painter 缓冲区错误漏洞

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. A buffer overflow vulnerability exists in Adobe Substance 3D Painter 9.1.1 and prior versions, which stems from the presence of an out-of-bounds write that could lead to the execution of arbitrary co...

7.8CVSS8.1AI score0.00239EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/02/15 12:0 a.m.18 views

Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.2AI score0.00318EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/02/15 12:0 a.m.30 views

Slackware: Security Advisory (SSA:2024-044-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.99995EPSS
Exploits1References4
Slackware Linux
Slackware Linux
added 2024/02/14 4:22 a.m.42 views

[slackware-security] dnsmasq

New dnsmasq packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/dnsmasq-2.90-i586-1slack15.0.txz: Upgraded. Add limits on the resources used to do DNSSEC validation. For more information, see:...

7.5CVSS7.1AI score0.99995EPSS
Exploits1
Rows per page
Query Builder