CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

892 matches found

Zero Day Initiative•added 2025/07/22 12:0 a.m.•5 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS6.6AI score0.00063EPSS

Exploits0

Positive Technologies•added 2025/07/22 12:0 a.m.•4 views

PT-2025-30461

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite VC6 affected versions not specified Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this...

7.8CVSS7.6AI score0.00068EPSS

Exploits0References4

Zero Day Initiative•added 2025/07/22 12:0 a.m.•9 views

(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

7.8CVSS6.7AI score0.00068EPSS

Exploits0

CNNVD•added 2025/06/02 12:0 a.m.•1 views

Grafana 安全漏洞

Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana that stems from a dashboard...

8.3CVSS8AI score0.00008EPSS

Exploits0References3

BDU FSTEC•added 2025/05/05 12:0 a.m.•1 views

The vulnerability of the Graphite automated drawing system, related to writing beyond the buffer memory boundaries, allows a perpetrator to execute arbitrary code.

The vulnerability of the Graphite automated drawing system is related to the writing beyond the buffer memory during the analysis of VC6 files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.8AI score0.00671EPSS

Exploits0References4Affected Software1

Schneier on Security•added 2025/03/25 11:5 a.m.•11 views

Report on Paragon Spyware

Citizen Lab has a new report on Paragon's spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group...

6.5AI score

Exploits0

The Hacker News•added 2025/03/20 10:56 a.m.•17 views

Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab. Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance...

6.7AI score

Exploits0

Tenable Nessus•added 2025/03/04 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2017-5436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue...

8.8CVSS7.5AI score0.00556EPSS

Exploits0References2

SUSE CVE•added 2025/02/14 7:3 a.m.•1 views

SUSE CVE-2023-1410

Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have contro...

5.7CVSS7AI score0.0199EPSS

Exploits1References13

Positive Technologies•added 2025/02/10 12:0 a.m.•2 views

PT-2025-25364

Name of the Vulnerable Software and Affected Versions Apple watchOS versions 11.3.1 and later Apple macOS Ventura versions 13.7.4 and later Apple iOS versions 15.8.4 and later Apple iPadOS versions 15.8.4 and later Apple iOS versions 16.7.11 and later Apple iPadOS versions 16.7.11 and later Apple...

4.2CVSS6.5AI score0.00881EPSS

Exploits0References96

RedhatCVE•added 2025/02/06 12:8 a.m.•7 views

CVE-2022-47439

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rocket Apps Open Graphite plugin = 1.6.0 versions...

7.1CVSS5.8AI score0.00287EPSS

Exploits0

CISA•added 2025/02/04 12:0 p.m.•2 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on February 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-035-01 Western Telematic Inc NPS Series, DSM Series, CPM Series ICSA-25-035-02 Rockwe...

7.1AI score

Exploits0References9

NVD•added 2024/12/30 9:15 p.m.•13 views

CVE-2024-13051

Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the...

7.8CVSS0.00671EPSS

Exploits0References1

NVD•added 2024/12/30 9:15 p.m.•8 views

CVE-2024-13050

7.8CVSS0.00802EPSS

Exploits0References1