7655 matches found

Cvelist
added 2023/09/07 1:12 p.m. | 26 views

CVE-2022-30637 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

7.8 CVSS | 8 AI score | 0.00402 EPSS
Exploits 0 | References 1

Cvelist
added 2023/09/07 12:54 p.m. | 30 views

CVE-2021-43027 Adobe After Effects TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe After Effects versions 22.0 and earlier and 18.4.2 and earlier are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...

7.8 CVSS | 7.7 AI score | 0.00341 EPSS
Exploits 0 | References 1

Prion
added 2023/09/04 11:15 a.m. | 19 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of prope...

7.5 CVSS | 9.6 AI score | 0.02146 EPSS
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2023/09/04 10:42 a.m. | 12 views

CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...

7.5 CVSS | 6.3 AI score | 0.01251 EPSS
Exploits 0 | References 2

CNNVD
added 2023/09/04 12:0 a.m. | 4 views

LG LED Assistant Path Traversal Vulnerability

LG LED Assistant is a software from Luckin LG Korea. It is used to set up LED lights. A security vulnerability exists in LG LED Assistant that originates from failure to properly validate a user-supplied path before using it in a file operation, allowing remote attackers to disclose information...

7.5 CVSS | 6.5 AI score | 0.01251 EPSS
Exploits 0 | References 3

BDU FSTEC
added 2023/09/04 12:0 a.m. | 5 views

The vulnerability of Adobe Dimension’s 3D design software arises from buffer overflows in its dynamic memory; this allows attackers to execute arbitrary code in the context of the current user.

The vulnerability of Adobe Dimension’s 3D design software arises from an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user...

7.8 CVSS | 7.7 AI score | 0.003 EPSS
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2023/09/04 12:0 a.m. | 5 views

The vulnerability of the software interface for PDF viewing and editing programs like Acrobat Reader and Adobe Acrobat lies in the lack of access control mechanisms. This allows attackers to execute arbitrary code within the context of the current user.

The vulnerability of the PDF file viewing and editing software interface of Acrobat Reader, as well as the Adobe Acrobat PDF editing software, is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the...

7.8 CVSS | 7.7 AI score | 0.04613 EPSS
Exploits 0 | References 3

Zero Day Initiative
added 2023/08/31 12:0 a.m. | 25 views

Delta Electronics DIAScreen DPA File Parsing Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8 CVSS | 6.8 AI score | 0.00296 EPSS
Exploits 0 | References 1

Zero Day Initiative
added 2023/08/31 12:0 a.m. | 17 views

Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8 CVSS | 6.8 AI score | 0.00245 EPSS
Exploits 0 | References 1

Slackware Linux
added 2023/08/30 10:10 p.m. | 19 views

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.2.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

7 AI score
Exploits 0

SUSE CVE
added 2023/08/30 2:14 a.m. | 1 views

SUSE CVE-2023-40590

GitPython is a Python library used to interact with Git repositories. When resolving a program, Python/Windows looks in the current working directory and, after that, in the PATH environment. GitPython defaults to using the git command; if a user runs GitPython from a repo that has a git.exe or git...

7.8 CVSS | 6.9 AI score | 0.00465 EPSS
Exploits 1 | References 4

RedhatCVE
added 2023/08/29 10:45 p.m. | 17 views

CVE-2023-40590

A flaw was found in Python/Windows. When resolving a program, it looks in the current working directory, followed by the PATH environment. GitPython defaults to using the git command; if a user runs GitPython from a repo that has a git.exe or git executable, that program will run instead of the one in...

7.8 CVSS | 6.3 AI score | 0.00465 EPSS
Exploits 1 | References 5

OSV
added 2023/08/28 6:15 p.m. | 5 views

PYSEC-2023-161

GitPython is a Python library used to interact with Git repositories. When resolving a program, Python/Windows looks in the current working directory and, after that, in the PATH environment. GitPython defaults to using the git command; if a user runs GitPython from a repo that has a git.exe or git...

7.8 CVSS | 7.1 AI score | 0.00465 EPSS
Exploits 1 | References 2

Zero Day Initiative
added 2023/08/25 12:0 a.m. | 21 views

LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation...

9.8 CVSS | 7.3 AI score
Exploits 0 | References 1

Zero Day Initiative
added 2023/08/24 12:0 a.m. | 14 views

(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

7.8 CVSS | 6.8 AI score | 0.00338 EPSS
Exploits 0

Zero Day Initiative
added 2023/08/24 12:0 a.m. | 24 views

(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

7.8 CVSS | 6.8 AI score | 0.00378 EPSS
Exploits 0

Zero Day Initiative
added 2023/08/23 12:0 a.m. | 38 views

7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 7Z files. The...

7.8 CVSS | 6.8 AI score | 0.7104 EPSS
Exploits 0 | References 1

Zero Day Initiative
added 2023/08/23 12:0 a.m. | 103 views

7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. T...

7.8 CVSS | 6.8 AI score | 0.26887 EPSS
Exploits 0 | References 1

Zero Day Initiative
added 2023/08/17 12:0 a.m. | 18 views

PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsTex...

7.8 CVSS | 6.9 AI score | 0.0036 EPSS
Exploits 0 | References 1

Zero Day Initiative
added 2023/08/17 12:0 a.m. | 15 views

PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8 CVSS | 6.8 AI score | 0.00378 EPSS
Exploits 0 | References 1