Lucene search
K

23182 matches found

BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.4 views

The vulnerability in the mainfunction.cgii web interface of DrayTek Vigor software allows a hacker to execute arbitrary code.

The vulnerability in the mainfunction.cgii web interface of the DrayTek Vigor router software system involves the use of uncontrolled format strings. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

10CVSS8.1AI score0.03302EPSS
Exploits1References3Affected Software3
CNNVD
CNNVD
added 2024/12/23 12:0 a.m.2 views

Jinja 安全漏洞

Jinja is a fast, expressive and extensible template engine open-sourced by Pallets. A security vulnerability exists in Jinja versions prior to 3.1.5, which stems from a sandbox environment that detects improperly called str.format, allowing an attacker who controls the content of a template to...

7.8CVSS7.4AI score0.005EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.5 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory when processing PAR format files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6.3AI score0.00211EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.6 views

The vulnerability of Siemens Solid Edge’s design and simulation tools, related to a countable loss of significance, allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to a countable amount of significance loss during the processing of PAR format files. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS5.8AI score0.00165EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.4 views

The vulnerability of PDF viewing and editing programs such as Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Reader, and Adobe Acrobat lies in their memory management after memory is freed. This allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs like Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Reader, and Adobe Acrobat is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially create...

7CVSS6AI score0.00444EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.5 views

The vulnerability of the format_channel_mask function in the Gstreamer multimedia framework, which allows a hacker to trigger a service failure.

The vulnerability of the formatchannelmask function in the Gstreamer multimedia framework relates to reading data beyond the allowed range of memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.1CVSS6.7AI score0.01101EPSS
Exploits0References13Affected Software8
Amazon
Amazon
added 2024/12/19 12:0 a.m.4 views

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

7.8CVSS7.5AI score0.00388EPSS
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2024/12/19 12:0 a.m.41 views

The Windows Registry Adventure #5: The regf file format

Posted by Mateusz Jurczyk, Google Project Zero As previously mentioned in the second installment of the blog post series "A brief history of the feature", the binary format used to encode registry hives from Windows NT 3.1 up to the modern Windows 11 is called regf. In a way, it is quite special,...

7.8CVSS8.1AI score0.24325EPSS
Exploits1
OSV
OSV
added 2024/12/17 4:15 p.m.4 views

CVE-2024-12670

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS6.1AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 4:15 p.m.4 views

CVE-2024-12191

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS6.1AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 4:15 p.m.3 views

CVE-2024-12178

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS6.1AI score0.00325EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/17 12:0 a.m.6 views

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation and Teamcenter Visualization systems for modeling systems and processes involves allowing operations to escape from memory buffers, enabling attackers to execute arbitrary code or cause service failures.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation and Teamcenter Visualization’s Product Lifecycle Management system lies in the execution of operations beyond the buffer in memory when processing WRL format files. Exploiting this vulnerability can allow attacke...

7.8CVSS8AI score0.00179EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.2 views

Autodesk Navisworks 安全漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks version 2025, which originates from a maliciously crafted DWFX file that triggers an out-of-bounds writ...

7.8CVSS6.7AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.4 views

PT-2024-9972 · Autodesk · Autodesk Navisworks Manage +2

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks Freedom affected versions not specified Autodesk Navisworks Simulate affected versions not specified Autodesk Navisworks Manage affected versions not specified Description: A maliciously crafted DWF file, when parsed throu...

7.8CVSS8.5AI score0.00262EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/12/17 12:0 a.m.6 views

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation and Teamcenter Visualization systems for modeling systems and processes involves allowing operations to escape from memory buffers, enabling attackers to execute arbitrary code or cause service failures.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation and Teamcenter Visualization’s Product Lifecycle Management system lies in the execution of operations beyond the buffer in memory when processing WRL-formatted files. Exploiting this vulnerability can allow...

7.8CVSS8AI score0.00179EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.3 views

Autodesk Navisworks 安全漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks, which can be exploited to cause a crash, data corruption, or execution of arbitrary code in the...

7.8CVSS7.3AI score0.00468EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.3 views

Autodesk Navisworks 安全漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks that originates from an out-of-bounds write that can be enforced when parsing a maliciously crafted DWF...

7.8CVSS7.4AI score0.00338EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.2 views

Autodesk Navisworks 安全漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks version 2025, which originates from a maliciously crafted DWF file that can cause an out-of-bounds writ...

7.8CVSS6.7AI score0.00262EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.2 views

Autodesk Navisworks 缓冲区错误漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering, and construction from Autodesk, Inc. A buffer error vulnerability exists in Autodesk Navisworks, which originates from parsing a maliciously crafted DWF file can be used to cause a heap overflow, which can be exploit...

7.8CVSS7.4AI score0.00329EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.2 views

PT-2024-9974 · Autodesk · Autodesk Navisworks Manage +2

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks Freedom affected versions not specified Autodesk Navisworks Simulate affected versions not specified Autodesk Navisworks Manage affected versions not specified Description: A maliciously crafted DWFX file, when parsed...

7.8CVSS8.1AI score0.0025EPSS
Exploits0References9
Rows per page
Query Builder