CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/01/17 12:0 a.m.•33 views

Adobe Substance 3D Stager 3.1.0 Multiple Vulnerabilities (APSB25-03)

The version of Adobe Substance 3D Stager installed on the remote host is prior to 3.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-03 advisory. - Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability th...

7.8CVSS6.5AI score0.00239EPSS

Exploits0References6

F5 Networks•added 2025/01/16 11:8 p.m.•24 views

K000149329: PostgreSQL vulnerabilities CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, and CVE-2014-0063

Security Advisory Description CVE-2014-0060 PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users t...

6.5CVSS8.3AI score0.06047EPSS

Exploits4

CVE•added 2025/01/15 5:17 a.m.•53 views

CVE-2024-55577

CVE-2024-55577 describes a stack-based buffer overflow in Linux Ratfor 1.06 and earlier. When processing a specially crafted input file, an attacker can execute arbitrary code, potentially compromising user information or system usability. Several connected sources corroborate this vulnerability ...

7CVSS7.8AI score0.00118EPSS

Exploits0References2

NVD•added 2025/01/14 7:15 p.m.•7 views

CVE-2025-21128

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00239EPSS

CVE•added 2025/01/14 6:58 p.m.•58 views

CVE-2025-21128

The CVE-2025-21128 entry concerns Adobe Substance3D Stager, feature: Stack-based Buffer Overflow in Stager versions 3.0.4 and earlier. Root cause: overflow in processing of user-provided files leading to arbitrary code execution in the context of the current user. Impact: high, since code executi...

7.8CVSS7.8AI score0.00239EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/01/14 6:58 p.m.•14 views

CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)

7.8CVSS0.00239EPSS

Vulnrichment•added 2025/01/14 6:58 p.m.•9 views

CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)

7.8CVSS7.8AI score0.00239EPSS

NVD•added 2025/01/14 3:15 p.m.•5 views

CVE-2024-39774

A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.0112EPSS

NVD•added 2025/01/14 3:15 p.m.•4 views

CVE-2024-39768

Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This...

9.1CVSS0.00865EPSS

OSV•added 2025/01/14 3:15 p.m.•1 views

CVE-2024-39757

A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

7.2CVSS7.8AI score

Exploits0References2

OSV•added 2025/01/14 3:15 p.m.•2 views

CVE-2024-39358

A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

7.2CVSS6.3AI score0.0061EPSS

CVE-2024-39357

A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.00452EPSS

NVD•added 2025/01/14 3:15 p.m.•4 views

CVE-2024-39294

A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.0061EPSS

CVE-2024-39299

A buffer overflow vulnerability exists in the qos.cgi qosstasettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.00451EPSS

CVE-2024-37184

A buffer overflow vulnerability exists in the adm.cgi repasbridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.0112EPSS

CVE-2024-36493

A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasic functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS0.00832EPSS