Lucene search
K

72 matches found

Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.6 views

PT-2025-33486 · Autodesk · Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can trigger an Out-of-Bounds Read issue. A malicious actor can exploit this to cause a crash, read...

7.8CVSS7AI score0.00168EPSS
Exploits0References6
OSV
OSV
added 2025/07/18 9:7 a.m.3 views

SUSE-SU-2025:02362-1 Security update for coreutils

This update for coreutils fixes the following issues: - CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data bsc1243767...

4.4CVSS7.2AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2025/05/30 2:15 p.m.4 views

AZL-66704 CVE-2025-4598 affecting package kernel for versions less than 5.15.186.1-1

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the origina...

4.7CVSS5.7AI score0.00637EPSS
Exploits1References1
CVE
CVE
added 2025/05/13 8:49 p.m.70 views

CVE-2025-43564

Adobe ColdFusion (versions 2025.1, 2023.13, 2021.19 and earlier) is affected by an Improper Access Control vulnerability that can allow arbitrary file system read. The issue stems from improper access restrictions and could let a high-privileged attacker access or modify sensitive data without au...

9.1CVSS6.1AI score0.09517EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/05/13 8:49 p.m.63 views

CVE-2025-43563

CVE-2025-43563 affects Adobe ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier. It is an Improper Access Control vulnerability that could enable an attacker with high privileges to perform an arbitrary file system read, potentially accessing or modifying sensitive data. Exploitation requir...

9.1CVSS6.1AI score0.09517EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.3 views

PT-2025-6247 · Ivanti · Ivanti Policy Secure +1

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.3 Ivanti Policy Secure versions prior to 22.7R1.3 Description: A hardcoded key in the software allows a local authenticated attacker with admin privileges to read sensitive data. Recommendations:...

6CVSS6.6AI score0.0031EPSS
Exploits0References8
OSV
OSV
added 2024/12/19 4:7 p.m.6 views

CVE-2024-38864 User-Readable Private Key in Windows Agent

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

4.8CVSS6AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.3 views

PT-2024-9973 · Autodesk · Autodesk Navisworks Manage +2

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks Freedom affected versions not specified Autodesk Navisworks Simulate affected versions not specified Autodesk Navisworks Manage affected versions not specified Description: A maliciously crafted DWFX file can cause a...

7.8CVSS8.1AI score0.00329EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/11/21 12:0 a.m.3 views

Red Hat Keycloak 安全漏洞

Red Hat Keycloak is a suite of software from Red Hat USA that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak. An attacker exploiting the vulnerability could read sensitive information...

2.7CVSS4AI score0.00727EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.3 views

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. in the United States. Autodesk AutoCAD suffers from a buffer error vulnerability that originates when a maliciously crafted DWG file is parsed, which may force an out-of-bounds write to occur, which can be exploit...

7.8CVSS7.7AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.3 views

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a set of professional 3D drawing software from the American Autodesk Corporation. A security vulnerability exists in Autodesk AutoCAD, which can be exploited by an attacker to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7.4AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.5 views

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a set of professional 3D drawing software from the American Autodesk Corporation. A memory misreference vulnerability exists in Autodesk AutoCAD, which can be exploited by an attacker to cause a crash, read sensitive data, or execute arbitrary code in the context of the curren...

7.8CVSS7.4AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/09/10 3:15 p.m.4 views

CVE-2023-44254

An authorization bypass through user-controlled key CWE-639 vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may allow a remote attacker with low privileges to read sensitive data via a crafted HTTP request...

6.5CVSS5.8AI score0.00529EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.4 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability previously existed in Apple macOS Sonoma version 14, which stemmed from an application that may be able to read sensitive location information...

5.5CVSS6.3AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.6 views

PT-2024-37624 · Rockwell Automation · Pavilion8

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A privilege escalation issue exists in the affected products, allowing a malicious user with basic privileges to access functions that should only be...

8.8CVSS7AI score0.00488EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/16 12:0 a.m.4 views

Rockwell Automation Pavilion8 安全漏洞

Rockwell Automation Pavilion8 is a model prediction console from Rockwell Automation. An elevation of privilege vulnerability exists in Rockwell Automation Pavilion 8, which can be exploited by an attacker to read sensitive data and create users...

8.8CVSS6.9AI score0.00488EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

Xen 安全漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen that...

7.5CVSS8.2AI score0.17444EPSS
Exploits0References7
OSV
OSV
added 2024/02/22 3:15 a.m.5 views

CVE-2024-23127

A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSWDLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the...

7.8CVSS6.1AI score0.00515EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/16 12:0 a.m.4 views

Dell OS Recovery Tool 安全漏洞

Dell OS Recovery Tool is a system recovery tool. When the user's Dell computer fails to enter the system due to hard disk replacement/corruption or software reasons, the recovery USB flash drive created by Dell OS Recovery Tool can be used to restore the factory system settings of the Dell comput...

7.8CVSS6.5AI score0.0019EPSS
Exploits0References2
OSV
OSV
added 2023/10/10 5:15 p.m.5 views

CVE-2023-44249

An authorization bypass through user-controlled key CWE-639 vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP requests...

6.5CVSS5.8AI score0.00872EPSS
Exploits0References2
Rows per page
Query Builder