Lucene search

120933 matches found

ATTACKERKB
added 2025/11/07 6:1 p.m. | 5 views

CVE-2025-9458

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVSS 7.8 | AI score 7.5 | EPSS 0.00183
Exploits: 0 | References: 3 | Affected Software: 1
RedhatCVE
added 2025/11/07 3:54 p.m. | 6 views

CVE-2025-12556

An argument injection vulnerability exists in the affected product that could allow an attacker to execute arbitrary code within the context of the host machine...

CVSS 8.8 | AI score 8.1 | EPSS 0.00412
Exploits: 0 | References: 1
Debian
added 2025/11/07 9:34 a.m. | 8 views

[SECURITY] [DSA 6050-1] chromium security update

Debian Security Advisory DSA-6050-1 | [email protected] | https://www.debian.org/security/ | Andres Salomon | November 07, 2025 | https://www.debian.org/security/faq ...

CVSS 8.8 | AI score 7.4 | EPSS 0.00238
Exploits: 0
CVE
added 2025/11/07 12:0 a.m. | 23 views

CVE-2025-61261

CVE-2025-61261 is a reflected XSS vulnerability affecting CKEditor 46.1.0 (CKEditor 5) when used with Angular 18.0.0. The issue enables an attacker-supplied payload to execute in the user’s browser context (impact: partial in some documents; CVSS 3.1 base score 5.4). Affected component is CKEdito...

CVSS 5.4 | AI score 5.9 | EPSS 0.00232
Exploits: 1 | References: 2 | Affected Software: 2
Tenable Nessus
added 2025/11/07 12:0 a.m. | 2 views

Lexmark Printers CWE CATEGORY: Pointer Issues (CVE-2023-50735)

A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503896; scriptversion"1.5";...

CVSS 9 | AI score 8.7 | EPSS 0.00773
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/07 12:0 a.m. | 4 views

Lexmark Printers Improper Validation of Array Index (CVE-2023-26066)

A PostScript operator that improperly validates the stack has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503906;...

CVSS 9.8 | AI score 9.3 | EPSS 0.00708
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/07 12:0 a.m. | 4 views

Teamcenter Visualization WRL File Parsing Vulnerabilities

Siemens Teamcenter Visualization contains multiple file-parsing vulnerabilities in its WRL-file reader that affect versions V14.2, V14.3, V2312, and V2406. If a user opens a specially crafted malicious WRL file, the application may crash or allow arbitrary code execution in the context of the...

CVSS 7.8 | AI score 6.3 | EPSS 0.00272
Exploits: 0 | References: 27
Tenable Nessus
added 2025/11/07 12:0 a.m. | 3 views

Lexmark Printers Improper Input Validation (CVE-2023-26069)

An input validation vulnerability has been identified in the web API in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503901; scriptversion"1.3";...

CVSS 9.8 | AI score 9.3 | EPSS 0.00708
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/07 12:0 a.m. | 3 views

Lexmark Printers Stack-based Buffer Overflow (CVE-2023-50734)

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503885; scriptversion"1.4";...

CVSS 9 | AI score 9.3 | EPSS 0.00772
Exploits: 0 | References: 2
CNNVD
added 2025/11/07 12:0 a.m. | 2 views

money-pos Security Vulnerability

money-pos McNee Cashiering System is a cashiering system by the individual developer of McNeeMoney. A security vulnerability exists in money-pos, which stems from a SQL injection vulnerability in the orderby parameter that could lead to the execution of arbitrary code...

CVSS 10 | AI score 8 | EPSS 0.00767
Exploits: 1 | References: 3
Tenable Nessus
added 2025/11/07 12:0 a.m. | 3 views

Lexmark Printers Buffer Overflow (CVE-2023-26064)

An out of bounds write vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503891; scriptversion"1.3";...

CVSS 9.8 | AI score 9.4 | EPSS 0.00708
Exploits: 0 | References: 2
FreeBSD
added 2025/11/07 12:0 a.m. | 6 views

py-pdfminer.six -- Arbitrary Code Execution in pdfminer.six via Crafted PDF Input

Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in pdfminer.six uses pickle.loads to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six...

CVSS 8.6 | AI score 7.6 | EPSS 0.00281
Exploits: 1 | References: 1
Tenable Nessus
added 2025/11/07 12:0 a.m. | 2 views

Lexmark Printers Access of Resource Using Incompatible Type (CVE-2024-11346)

A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503884;...

CVSS 7.3 | AI score 7.6 | EPSS 0.00414
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/07 12:0 a.m. | 3 views

Lexmark Printers Integer Overflow or Wraparound (CVE-2023-26065)

An integer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503905; scriptversion"1.3";...

CVSS 9.8 | AI score 9.5 | EPSS 0.00708
Exploits: 0 | References: 2
Snyk
added 2025/11/06 8:46 p.m. | 5 views

Command Injection

Overview: evernote-mcp-server is an unofficial MCP server for Evernote. Affected versions of this package are vulnerable to Command Injection via the openBrowser function. An attacker can execute arbitrary code with elevated privileges by supplying crafted input that is used in a system call without...

CVSS 7.8 | AI score 7.9 | EPSS 0.01267
Exploits: 0 | References: 2
Vulnrichment
added 2025/11/06 8:11 p.m. | 3 views

CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

CVSS 7.8 | AI score 7.3 | EPSS 0.01267
Exploits: 0 | References: 2
Cvelist
added 2025/11/06 8:11 p.m. | 7 views

CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

CVSS 7.8 | EPSS 0.01267
Exploits: 0 | References: 2
Vulnrichment
added 2025/11/06 7:59 p.m. | 3 views

CVE-2022-50589 SuiteCRM < 7.12.6 SQL Injection via 'export' Functionality

SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated attackers to ultimately execute arbitrary code...

CVSS 9.3 | AI score 8.1 | EPSS 0.00575
Exploits: 0 | References: 3
RedhatCVE
added 2025/11/06 6:37 p.m. | 13 views

CVE-2025-11093

An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engines. Authenticated users with elevated privileges can execute arbitrary code within the integration runtime environment. By default, access ...

CVSS 8.4 | AI score 7.9 | EPSS 0.00395
Exploits: 0 | References: 1
RedhatCVE
added 2025/11/06 4:41 p.m. | 9 views

CVE-2025-20376

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a...

CVSS 7.2 | AI score 7.6 | EPSS 0.00399
Exploits: 0 | References: 1