7650 matches found

BDU FSTEC
added 2023/03/11 12:00 a.m. · 6 views

The vulnerability of Adobe Premiere Rush software arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe Premiere Rush arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

CVSS 7.8 · AI score 7.9 · EPSS 0.00396
Exploits 0 · References 2 · Affected Software 1

Prion
added 2023/03/10 10:15 p.m. · 17 views

Information disclosure

An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls...

CVSS 3.3 · AI score 5 · EPSS 0.00832
Exploits 1 · References 2 · Affected Software 1

CNNVD
added 2023/03/10 12:00 a.m. · 4 views

OpenHarmony security vulnerability

OpenHarmony is an open source Hongmeng operating system project of China's OpenAtom Foundation. A security vulnerability exists in OpenHarmony-v3.1.5 and earlier and in OpenHarmony-v3.0.7 and earlier. An attacker exploited the vulnerability to send...

CVSS 5.5 · AI score 5.8 · EPSS 0.00162
Exploits 0 · References 2

Prion
added 2023/03/09 10:15 p.m. · 21 views

Out-of-bounds

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...

CVSS 4.4 · AI score 8 · EPSS 0.00232
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/03/09 9:13 p.m. · 32 views

CVE-2023-0621

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could leverage these...

AI score 8.1 · EPSS 0.00232
Exploits 0 · References 1

Cvelist
added 2023/03/09 9:12 p.m. · 14 views

CVE-2023-0623

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...

AI score 8.2 · EPSS 0.00232
Exploits 0 · References 1

Zero Day Initiative
added 2023/03/09 12:00 a.m. · 21 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVSS 7.8 · AI score 2.3 · EPSS 0.03925
Exploits 0 · References 1

Zero Day Initiative
added 2023/03/09 12:00 a.m. · 29 views

Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVSS 7.8 · AI score 2.2 · EPSS 0.03925
Exploits 0 · References 1

Zero Day Initiative
added 2023/03/07 12:00 a.m. · 28 views

Omron CX-One CXP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...

CVSS 7.8 · AI score 5.2 · EPSS 0.00564
Exploits 0 · References 1

Zero Day Initiative
added 2023/03/07 12:00 a.m. · 33 views

Omron CX-One CXP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...

CVSS 7.8 · AI score 4.2 · EPSS 0.00564
Exploits 0 · References 1

OSV
added 2023/03/06 10:15 p.m. · 2 views

UBUNTU-CVE-2021-36397

In Moodle, insufficient capability checks meant message deletions were not limited to the current user...

CVSS 5.3 · AI score 6.8 · EPSS 0.00585
Exploits 0 · References 3

GitHub Security Blog
added 2023/03/06 6:30 a.m. · 21 views

SketchSVG Arbitrary Code Injection vulnerability

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string...

CVSS 7.8 · AI score 8 · EPSS 0.00405
Exploits 1 · References 5 · Affected Software 1

OSV
added 2023/03/06 6:30 a.m. · 18 views

GHSA-6722-XVQ8-3254 SketchSVG Arbitrary Code Injection vulnerability

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string...

CVSS 7.8 · AI score 7.3 · EPSS 0.00405
Exploits 1 · References 5

Prion
added 2023/03/06 5:15 a.m. · 10 views

Command injection

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string...

CVSS 4.3 · AI score 7.9 · EPSS 0.00405
Exploits 1 · References 3

Cvelist
added 2023/03/06 5:00 a.m. · 17 views

CVE-2023-26107

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string...

CVSS 6.9 · AI score 8.2 · EPSS 0.00405
Exploits 1 · References 3

Positive Technologies
added 2023/03/06 12:00 a.m. · 4 views

PT-2023-20494 · Sketchsvg · Sketchsvg

Name of the Vulnerable Software and Affected Versions: sketchsvg versions all

Description: The issue is related to Arbitrary Code Injection when invoking shell.exec without proper sanitization or parametrization, specifically while concatenating the current directory as part of the command string...

CVSS 7.8 · AI score 7.9 · EPSS 0.00405
Exploits 1 · References 10

Zero Day Initiative
added 2023/03/01 12:00 a.m. · 25 views

Siemens Solid Edge Viewer DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 · AI score 4.9 · EPSS 0.01443
Exploits 0 · References 1

Zero Day Initiative
added 2023/03/01 12:00 a.m. · 17 views

Siemens Solid Edge Viewer SLDPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 · AI score 7.7 · EPSS 0.00235
Exploits 0 · References 1

Zero Day Initiative
added 2023/03/01 12:00 a.m. · 30 views

Siemens Solid Edge Viewer DXF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 · AI score 7.7 · EPSS 0.00216
Exploits 0 · References 1

CNNVD
added 2023/03/01 12:00 a.m. · 6 views

Grafana cross-site scripting vulnerability

Grafana is an open source set of monitoring tools from Grafana that provides a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. A cross-site scripting vulnerability exists in Grafana version 8.1, which stems from map attributes not...

CVSS 7.3 · AI score 7.4 · EPSS 0.1546
Exploits 0 · References 5