Lucene search
K

1104 matches found

CNVD
CNVD
added 2023/11/21 12:0 a.m.13 views

Adobe After Effects Out-of-Bounds Write Vulnerability (CNVD-2023-91790)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects versions...

7.8CVSS7.6AI score0.00359EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/21 12:0 a.m.20 views

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-91794)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. AAdobe After Effects version 24.0.2 and earlier and version 23.6 and earlie...

7.8CVSS7.6AI score0.00397EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/21 12:0 a.m.20 views

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-91792)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects versions...

5.5CVSS6.4AI score0.00401EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/21 12:0 a.m.17 views

Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2023-100308)

Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive information...

5.5CVSS6.4AI score0.00367EPSS
Exploits0References1
Fedora
Fedora
added 2023/11/03 7:5 p.m.44 views

[SECURITY] Fedora 39 Update: godot-4.1.2-1.fc39

Godot is an advanced, feature-packed, multi-platform 2D and 3D game engine. It provides a huge set of common tools, so you can just focus on making your game without reinventing the wheel. Godot is completely free and open source under the very permissive MIT license. No strings attached, no...

8.8CVSS8.8AI score0.01354EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.28 views

openSUSE 15 Security Update : python-CairoSVG (openSUSE-SU-2023:0272-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0272-1 advisory. - CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression...

9.9CVSS6.7AI score0.01466EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.27 views

openSUSE 15 Security Update : python-CairoSVG (openSUSE-SU-2023:0260-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0260-1 advisory. - CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression...

9.9CVSS6.7AI score0.01466EPSS
Exploits1References7
CNVD
CNVD
added 2023/09/14 12:0 a.m.32 views

Siemens Teamcenter Visualization and JT2Go Out-of-Bounds Write Vulnerability (CNVD-2023-69808)

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. An out-of-bounds write vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code ...

7.8CVSS7.2AI score0.00313EPSS
Exploits0References1
CNVD
CNVD
added 2023/09/14 12:0 a.m.19 views

Siemens Teamcenter Visualization and JT2Go Type Obfuscation Vulnerability

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A type confusion vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code in the...

7.8CVSS7.1AI score0.00313EPSS
Exploits0References1
CNVD
CNVD
added 2023/09/14 12:0 a.m.37 views

Siemens Teamcenter Visualization and JT2Go stack buffer overflow vulnerability (CNVD-2023-69804)

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A stack buffer overflow vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code...

7.8CVSS7.5AI score0.00293EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/07/18 12:0 a.m.63 views

Amazon Corretto Java 17.x < 17.0.8.7.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 17 17.0.8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2023-Jul-18 advisory. - core-libs/java.net CVE-2023-22006 - core-libs/java.util CVE-2023-22036 - hotspot/compiler...

7.5CVSS6.2AI score0.01812EPSS
Exploits0References7
CNVD
CNVD
added 2023/06/14 12:0 a.m.23 views

Siemens Teamcenter Visualization and JT2Go Memory Corruption Vulnerability

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM and TIF data.Teamcenter Visualization software is able to enhance its Product Lifecycle Management PLM environments with a comprehensive range of visualization solutions. PLM environme...

7.8CVSS7.2AI score0.00217EPSS
Exploits0References1
Snyk
Snyk
added 2023/06/06 8:20 a.m.3 views

Malicious Package

Overview mongoose-geojson-schema-2d is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if thi...

9.8CVSS7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/06/03 2:41 p.m.3 views

Malicious code in mongoose-geojson-schema-2d (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f64dbcc8b994e165e387b83aad34a6af319aafa0fe13b67eb52d8c5fb286e34f The OpenSSF Package Analysis project identified 'mongoose-geojson-schema-2d' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
OSV
OSV
added 2023/06/03 2:41 p.m.15 views

MAL-2023-1239 Malicious code in mongoose-geojson-schema-2d (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f64dbcc8b994e165e387b83aad34a6af319aafa0fe13b67eb52d8c5fb286e34f The OpenSSF Package Analysis project identified 'mongoose-geojson-schema-2d' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2023/05/21 12:0 a.m.34 views

LibreCAD: Multiple Vulnerabilities

Background LibreCAD is a generic 2D CAD program. Description Multiple vulnerabilities have been discovered in LibreCAD. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...

9.3CVSS9AI score0.06617EPSS
Exploits6
Gentoo Linux
Gentoo Linux
added 2023/05/03 12:0 a.m.50 views

Cairo: Buffer Overflow Vulnerability

Background Cairo is a 2D vector graphics library with cross-device output support. Description An attacker with the ability to provide input to Cairo's image-compositor can cause a buffer overwrite. Impact Malicious input to Cairo's image-compositor can result in denial of service of the...

7.8CVSS6.8AI score0.01112EPSS
Exploits0
Mageia
Mageia
added 2023/04/06 9:20 p.m.73 views

Updated python-cairosvg packages fix security vulnerability

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...

9.9CVSS6.8AI score0.00722EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.28 views

Fedora 36 : python-cairosvg (2023-064525b17b)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-064525b17b advisory. - Update python-cairosvg version 2.7.0 - Disable isort flake8 patch updated - Fix CVE-2023-27586 - BZ2180272 BZ2180271 Tenable has extracted the preceding...

9.9CVSS7.4AI score0.00722EPSS
Exploits0References2
OSV
OSV
added 2023/03/27 9:35 p.m.27 views

CVE-2023-26493 Command Injection in Cocos Engine workflow

Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...

8.1CVSS8.6AI score0.02907EPSS
Exploits1References5
Rows per page
Query Builder