Lucene search
+L

59 matches found

Fedora
Fedora
added 2023/11/04 3:42 a.m.21 views

[SECURITY] Fedora 38 Update: netconsd-0.4-1.fc38

This is a daemon for receiving and processing logs from the Linux Kernel, as emitted over a network by the kernel's netconsole module. It supports both the old "legacy" text-only format, and the new extended format added in v4.4. The core of the daemon does nothing but process messages and drop...

7.3AI score
Exploits0
Fedora
Fedora
added 2023/11/03 1:11 a.m.17 views

[SECURITY] Fedora 37 Update: netconsd-0.4-1.fc37

This is a daemon for receiving and processing logs from the Linux Kernel, as emitted over a network by the kernel's netconsole module. It supports both the old "legacy" text-only format, and the new extended format added in v4.4. The core of the daemon does nothing but process messages and drop...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/03/26 12:0 a.m.10 views

The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory when processing OBJ files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malware file or a specially creat...

7.8CVSS8AI score0.0032EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.4 views

SUSE CVE-2016-5028

The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via an object file with empty bss-like sections...

6.5CVSS6.8AI score0.0292EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.5 views

SUSE CVE-2019-20053

An invalid memory address dereference was discovered in the canUnpack function in pmach.cpp in UPX 3.95 via a crafted Mach-O file...

5.5CVSS6.2AI score0.01227EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.5 views

SUSE CVE-2020-28366

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...

7.5CVSS9.8AI score0.02244EPSS
Exploits0References8
OSV
OSV
added 2022/10/11 9:15 p.m.4 views

CVE-2022-41188

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object .obj, ObjTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until...

7.8CVSS5.8AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 9:15 p.m.5 views

CVE-2022-41166

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object .obj, ObjTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until...

5.5CVSS5.8AI score0.00242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.7 views

PT-2022-25711 · Sap · Sap 3D Visual Enterprise Viewer

Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Viewer version 9 Description: The issue arises due to improper memory management. When a user opens a manipulated Wavefront Object .obj file in SAP 3D Visual Enterprise Viewer, the application can crash and become...

7.8CVSS7.5AI score0.00305EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/07/15 12:0 a.m.3 views

Bentley Systems MicroStation和Bentley View 缓冲区错误漏洞

Bentley Systems MicroStation and Bentley View are both products of Bentley Systems, Inc. of the U.S.A. MicroStation is a Cad software platform for 2D and 3D design and drafting.Bentley View is a freeware viewer. A security vulnerability exists in Bentley Systems MicroStation version 10.16. and...

3.3CVSS5AI score0.00205EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.9 views

PT-2022-18942 · Bentley · Bentley Microstation Connect

Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.034 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

7.8CVSS7.8AI score0.00897EPSS
Exploits0References4
Kitploit
Kitploit
added 2021/12/03 8:30 p.m.21 views

IDA2Obj - Static Binary Instrumentation

IDA2Obj is a tool to implement SBI StaticBinary Instrumentation. The working flow is simple: Dump object files COFF directly from one executable binary. Link the object files into a new binary, almost the same as the old one. During the dumping process, you can insert any data/code at any locatio...

7.2AI score
Exploits0References3
CNNVD
CNNVD
added 2021/11/30 12:0 a.m.6 views

Bentley ContextCapture 缓冲区错误漏洞

Bentley ContextCapture is a 3D reality modeling software. A buffer error vulnerability exists in Bentley ContextCapture that stems from a boundary condition when parsing an OBJ file. A remote attacker could create a specially crafted file, trick the victim into opening it, trigger an out-of-bound...

5.5CVSS5.3AI score0.01699EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.11 views

The vulnerability of the Siemens Solid Edge Viewer application, a tool set for design and simulation with Siemens Solid Edge, allows a malicious actor to execute arbitrary code.

The vulnerability of the Siemens Solid Edge Viewer application, a tool for design and simulation, is related to the use of memory after it is freed during OBJ file syntax analysis. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created malicio...

8.8CVSS7.6AI score0.01122EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2021/09/28 12:0 a.m.6 views

Siemens Solid Edge 缓冲区错误漏洞

Solid Edge is a 3D CAD, parametric feature and synchronous technology solid modeling software. information disclosure vulnerability exists in previous versions of Siemens Solid Edge SE2021MP8. An attacker could exploit the vulnerability to obtain information via specially crafted OBJ files...

4.3CVSS5AI score0.00935EPSS
Exploits0References11
Cvelist
Cvelist
added 2021/05/18 2:49 p.m.51 views

CVE-2021-32238

Epic Games / Psyonix Rocket League =1.95 is affected by Buffer Overflow. Stack-based buffer overflow occurs when Rocket League handles UPK object files that can result in code execution and denial of service scenario...

8.2AI score0.02076EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2021/04/13 12:0 a.m.6 views

PT-2021-11560 · Libslic3R +2 · Libslic3R +2

Name of the Vulnerable Software and Affected Versions: Slic3r libslic3r version 1.3.0 Slic3r libslic3r Master Commit 92abbc42 Description: An out-of-bounds read issue exists in the TriangleMesh::TriangleMesh functionality when handling obj files. This could lead to information disclosure if a...

8.6CVSS6.9AI score0.01342EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2021/01/14 1:40 p.m.7 views

golang: malicious symbol names can lead to code execution at build time

An input validation vulnerability was found in Go. From a generated go file from the cgo tool, it is possible to modify symbols within that object file and specify code. This flaw allows an attacker to create a repository that includes malicious pre-built object files that could execute arbitrary...

7.5CVSS7.6AI score0.02244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/12/15 5:12 p.m.8 views

golang: malicious symbol names can lead to code execution at build time

An input validation vulnerability was found in Go. From a generated go file from the cgo tool, it is possible to modify symbols within that object file and specify code. This flaw allows an attacker to create a repository that includes malicious pre-built object files that could execute arbitrary...

7.5CVSS7.6AI score0.02244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/12/03 11:20 a.m.7 views

golang: malicious symbol names can lead to code execution at build time

An input validation vulnerability was found in Go. From a generated go file from the cgo tool, it is possible to modify symbols within that object file and specify code. This flaw allows an attacker to create a repository that includes malicious pre-built object files that could execute arbitrary...

7.5CVSS7.6AI score0.02244EPSS
Exploits0References5
Rows per page
Query Builder