Lucene search
K

7654 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/07/13 12:0 a.m.18 views

Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2...

7.8CVSS6.8AI score0.00345EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/12 12:0 a.m.16 views

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2023-56535)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

7.8CVSS7.5AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.2 views

Apache Airflow 输入验证错误漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is characterized by scalability and dynamic monitoring. An input validation error vulnerability exists in Apache Airflow versions prior to 2.6.3,...

6.5CVSS6.4AI score0.01157EPSS
Exploits0References3
CNVD
CNVD
added 2023/07/12 12:0 a.m.18 views

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-56537)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from an out-of-bounds write...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/07/12 12:0 a.m.22 views

Dassault Systèmes SolidWorks DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes SolidWorks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00329EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/11 9:7 a.m.27 views

CVE-2023-37376

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0002. The affected application contains a type confusion vulnerability while parsing STP files. This could allow an attacker to execute code in th...

7.8CVSS7.8AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.4 views

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

7.8CVSS7.7AI score0.00213EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.4 views

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from an out-of-bounds write...

7.8CVSS7.5AI score0.00209EPSS
Exploits0References2
Slackware Linux
Slackware Linux
added 2023/07/07 11:9 p.m.41 views

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.13.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...

8.8CVSS7AI score0.00696EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/07/06 12:0 a.m.35 views

GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of SRT...

8.8CVSS7.1AI score0.01451EPSS
Exploits0References1
Slackware Linux
Slackware Linux
added 2023/07/04 8:26 p.m.32 views

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.13.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

8.8CVSS7AI score0.00696EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/06/29 10:56 a.m.3 views

The Right Way to Enhance CTI with AI (Hint: It's the Data)

Cyber threat intelligence is an effective weapon in the ongoing battle to protect digital assets and infrastructure - especially when combined with AI. But AI is only as good as the data feeding it. Access to unique, underground sources is key. Threat Intelligence offers tremendous value to peopl...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/06/27 7:15 p.m.2 views

CVE-2023-29068

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

7.8CVSS6.1AI score0.00236EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/06/27 12:0 a.m.10 views

Slackware: Security Advisory (SSA:2023-177-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Slackware Linux
Slackware Linux
added 2023/06/26 7:51 p.m.19 views

[slackware-security] vim

New vim packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.1667-i586-1slack15.0.txz: Upgraded. This fixes a rare divide-by-zero bug that could cause vim to crash. In an interactive progra...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2023/06/23 12:0 a.m.15 views

Slackware: Security Advisory (SSA:2023-173-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7.2AI score0.01395EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.26 views

Slackware: Security Advisory (SSA:2023-172-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.02575EPSS
Exploits0References4
OSV
OSV
added 2023/06/19 11:15 a.m.6 views

UBUNTU-CVE-2023-29545

Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are...

6.5CVSS6.8AI score0.00584EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2023/06/15 12:0 a.m.21 views

(0Day) Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.8AI score0.00418EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/06/15 12:0 a.m.32 views

(0Day) Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.8AI score0.00399EPSS
Exploits0
Rows per page
Query Builder