Lucene search
K

23151 matches found

Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.3 views

PT-2025-14102 · Autodesk · Autodesk Navisworks

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks affected versions not specified Description: The issue arises from a maliciously crafted DWFX file being parsed through Autodesk Navisworks, leading to a Memory Corruption vulnerability. This can be exploited by a maliciou...

7.8CVSS7.7AI score0.00197EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.1 views

Autodesk Navisworks 缓冲区错误漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks that originates from parsing a specially crafted DWFX file resulting in memory corruption that could...

7.8CVSS7.1AI score0.00197EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.7 views

The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against internet attacks, the FortiPAM account management system, the FortiWeb network gateway for web applications, and the FortiSRA software for secure remote access, allow attackers to execute arbitrary code or commands.

The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against Internet attacks, the FortiPAM account management system, the FortiWeb web application firewall, and the FortiSRA software for secure remote access are related to insufficient...

9CVSS6.2AI score0.00679EPSS
Exploits0References2Affected Software5
OSV
OSV
added 2025/03/31 11:15 p.m.5 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause a denial-of-service...

5.5CVSS5.7AI score0.00248EPSS
Exploits0References6
NVD
NVD
added 2025/03/31 11:15 p.m.12 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...

5.5CVSS0.00248EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/03/31 10:23 p.m.18 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...

0.00248EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/31 10:23 p.m.8 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause a denial-of-service...

6.1AI score0.00248EPSS
Exploits0References3
CVE
CVE
added 2025/03/31 10:23 p.m.72 views

CVE-2025-24199

CVE-2025-24199 describes an uncontrolled format string issue in macOS components that is fixed by Apple in macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The root cause relates to insufficient input validation, with the public description noting that an application may be able...

5.5CVSS5.8AI score0.00248EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2025/03/31 2:3 p.m.2 views

jinja2: Jinja sandbox breakout through attr filter selecting format method

A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...

8.8CVSS7.6AI score0.00465EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2025/03/31 8:1 a.m.83 views

IOT_hack

IOTha...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/03/31 2:9 a.m.5 views

jinja2: Jinja sandbox breakout through attr filter selecting format method

A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...

8.8CVSS7.6AI score0.00465EPSS
Exploits0References6
OSV
OSV
added 2025/03/31 12:0 a.m.8 views

ALSA-2025:3388 Important: python-jinja2 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.8CVSS7.2AI score0.00465EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.4 views

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from an uncontrolled format string that could result in a denial of service...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References2
OSV
OSV
added 2025/03/29 6:23 a.m.9 views

OESA-2025-1336 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for formatcount earlier While the check for formatcount 64 in drmuniversalplaneinit shouldn't be hit it's a WARNON, in its current...

7.8CVSS6.9AI score0.00284EPSS
Exploits0References20
OSV
OSV
added 2025/03/28 8:15 p.m.3 views

DEBIAN-CVE-2025-2925

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

5.5CVSS3.7AI score0.00242EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 8:15 p.m.8 views

AZL-59383 CVE-2025-2924 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. The manipulation of the argument freeblock leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The...

5.5CVSS5.3AI score0.00269EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 5:15 p.m.6 views

AZL-59391 CVE-2025-2914 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

3.3CVSS5.5AI score0.00255EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 5:15 p.m.3 views

DEBIAN-CVE-2025-2915

A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5Faccumfree of the file src/H5Faccum.c. The manipulation of the argument overlapsize leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...

5.5CVSS3.8AI score0.00269EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 5:15 p.m.3 views

DEBIAN-CVE-2025-2914

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

4.8CVSS4.1AI score0.00255EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 5:15 p.m.1 views

UBUNTU-CVE-2025-2913

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...

5.3CVSS5.2AI score0.00229EPSS
Exploits1References6
Rows per page
Query Builder