1104 matches found
Adobe After Effects Out-of-Bounds Write Vulnerability (CNVD-2023-91790)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects versions...
Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-91794)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. AAdobe After Effects version 24.0.2 and earlier and version 23.6 and earlie...
Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-91792)
Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects versions...
Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2023-100308)
Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information...
[SECURITY] Fedora 39 Update: godot-4.1.2-1.fc39
Godot is an advanced, feature-packed, multi-platform 2D and 3D game engine. It provides a huge set of common tools, so you can just focus on making your game without reinventing the wheel. Godot is completely free and open source under the very permissive MIT license. No strings attached, no...
openSUSE 15 Security Update : python-CairoSVG (openSUSE-SU-2023:0272-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0272-1 advisory. - CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression...
openSUSE 15 Security Update : python-CairoSVG (openSUSE-SU-2023:0260-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0260-1 advisory. - CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression...
Siemens Teamcenter Visualization and JT2Go Out-of-Bounds Write Vulnerability (CNVD-2023-69808)
Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. An out-of-bounds write vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code ...
Siemens Teamcenter Visualization and JT2Go Type Obfuscation Vulnerability
Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A type confusion vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code in the...
Siemens Teamcenter Visualization and JT2Go stack buffer overflow vulnerability (CNVD-2023-69804)
Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A stack buffer overflow vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code...
Amazon Corretto Java 17.x < 17.0.8.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2023-Jul-18 advisory. - core-libs/java.net CVE-2023-22006 - core-libs/java.util CVE-2023-22036 - hotspot/compiler...
Siemens Teamcenter Visualization and JT2Go Memory Corruption Vulnerability
JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM and TIF data.Teamcenter Visualization software is able to enhance its Product Lifecycle Management PLM environments with a comprehensive range of visualization solutions. PLM environme...
Malicious Package
Overview mongoose-geojson-schema-2d is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if thi...
Malicious code in mongoose-geojson-schema-2d (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f64dbcc8b994e165e387b83aad34a6af319aafa0fe13b67eb52d8c5fb286e34f The OpenSSF Package Analysis project identified 'mongoose-geojson-schema-2d' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1239 Malicious code in mongoose-geojson-schema-2d (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f64dbcc8b994e165e387b83aad34a6af319aafa0fe13b67eb52d8c5fb286e34f The OpenSSF Package Analysis project identified 'mongoose-geojson-schema-2d' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
LibreCAD: Multiple Vulnerabilities
Background LibreCAD is a generic 2D CAD program. Description Multiple vulnerabilities have been discovered in LibreCAD. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...
Cairo: Buffer Overflow Vulnerability
Background Cairo is a 2D vector graphics library with cross-device output support. Description An attacker with the ability to provide input to Cairo's image-compositor can cause a buffer overwrite. Impact Malicious input to Cairo's image-compositor can result in denial of service of the...
Updated python-cairosvg packages fix security vulnerability
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...
Fedora 36 : python-cairosvg (2023-064525b17b)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-064525b17b advisory. - Update python-cairosvg version 2.7.0 - Disable isort flake8 patch updated - Fix CVE-2023-27586 - BZ2180272 BZ2180271 Tenable has extracted the preceding...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...