Lucene search
K

96 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.5 views

CVE-2023-32547

Incorrect default permissions in the MAVinci Desktop Software for IntelR Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.1AI score0.00131EPSS
Exploits0References1
OSV
OSV
added 2024/12/10 9:15 p.m.7 views

CVE-2024-52997

Photoshop Desktop versions 26.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00521EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 3:9 p.m.28 views

CVE-2023-7298 Out-of-Bounds Write Vulnerability in in Autodesk Desktop Software

A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

4.4CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 3:9 p.m.13 views

CVE-2023-7298 Out-of-Bounds Write Vulnerability in in Autodesk Desktop Software

A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

4.4CVSS7.7AI score0.00312EPSS
Exploits0References1
Citrix
Citrix
added 2024/11/05 12:0 a.m.10 views

Citrix Virtual Desktop - Printers cannot be created if one of printer server is offline

There are 2 printer servers, each with 6 printers. Apply the printers with Citrix policy "Printer Assignment". If one printer server is offline, other online printers cannot be created in the ICA session desktop...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2024/09/30 8:28 p.m.25 views

CVE-2024-7671 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/30 8:25 p.m.28 views

CVE-2024-7670 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS0.00208EPSS
Exploits0References1
NVD
NVD
added 2024/06/21 2:15 p.m.35 views

CVE-2024-6240

Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASHENV environment variable with the path to the malicious script, executing on application startup. An attacke...

10CVSS0.00317EPSS
Exploits0References1
CVE
CVE
added 2024/06/21 1:33 p.m.82 views

CVE-2024-6240

CVE-2024-6240 concerns an improper privilege management vulnerability in Parallels Desktop Software prior to version 19.3.0. An attacker could place malicious code in a script and populate the BASH_ENV variable with the path to that script, causing it to execute on application startup and potenti...

10CVSS7.9AI score0.00317EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2024/04/24 1:36 p.m.31 views

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZENSHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/17 10:23 a.m.60 views

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 CVSS score: 9.3, a critical SQL...

9.8CVSS10AI score0.97591EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/03/25 7:37 a.m.18 views

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

The Iran-affiliated threat actor tracked as MuddyWater aka Mango Sandstorm or TA450 has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management RMM solution called Atera. The activity, which took place from March 7 through the week o...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.3 views

OpenText Exceed Turbo X Cross-Site Scripting Vulnerability

OpenText Exceed Turbo X is a virtual desktop software from OpenText Canada. A cross-site scripting vulnerability exists in OpenText Exceed Turbo X version 12.5.1, which can be exploited by an attacker to inject malicious code...

6.4CVSS6.1AI score0.00366EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2024/02/13 4:38 p.m.14 views

Remote Monitoring & Management software used in phishing attacks

Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...

7.7AI score
Exploits0
NVD
NVD
added 2023/08/11 3:15 a.m.27 views

CVE-2023-32547

Incorrect default permissions in the MAVinci Desktop Software for IntelR Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7AI score0.00131EPSS
Exploits0References1
OSV
OSV
added 2023/08/11 3:15 a.m.5 views

CVE-2023-32547

Incorrect default permissions in the MAVinci Desktop Software for IntelR Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References1
Prion
Prion
added 2023/08/11 3:15 a.m.19 views

Design/Logic Flaw

Incorrect default permissions in the MAVinci Desktop Software for IntelR Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access...

4.3CVSS7.8AI score0.00131EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/11 2:37 a.m.27 views

CVE-2023-32547

Incorrect default permissions in the MAVinci Desktop Software for IntelR Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS8.1AI score0.00131EPSS
Exploits0References1
CVE
CVE
added 2023/08/11 2:37 a.m.39 views

CVE-2023-32547

The CVE-2023-32547 issue affects MAVinci Desktop Software for Intel® Falcon 8+ prior to version 6.2. The root cause is incorrect default permissions in the MAVinci Desktop software, which could allow an authenticated local user to escalate privileges. CVSS vectors indicate a local attack with low...

7.8CVSS7.8AI score0.00131EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/11 2:37 a.m.13 views

CVE-2023-32547

Incorrect default permissions in the MAVinci Desktop Software for IntelR Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.2AI score0.00131EPSS
Exploits0References1
Rows per page
Query Builder