Lucene search
+L

28 matches found

ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.8 views

PT-2026-54852

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description A use-after-free occurs when identifying an image containing a crafted 8BIM profile with a specific format string. Use-after-free is a memory corruption...

5.5CVSS6.2AI score0.00103EPSS
Exploits0References22
euvd
euvd
added 2025/11/12 10:25 p.m.2 views

EUVD-2025-138114

Malicious code in avarag-obios-bim npm...

6.6AI score
Exploits0
osv
osv
added 2025/11/12 10:25 p.m.2 views

MAL-2025-181890 Malicious code in avarag-obios-bim (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f02ce0df9665ebd0af25d8eab6537cd7c6800860b5d5b1d2b274139c69e2d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28213

Malware in sbrugna...

7.8CVSS7.6AI score0.00375EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/08/19 11:2 a.m.7 views

CVE-2025-9135 Verkehrsauskunft Österreich SmartRide/cleVVVer/BusBahnBim/Salzburg Verkehr AndroidManifest.xml improper export of android application components

A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1258 on Android. The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components...

5.3CVSS5AI score0.00257EPSS
Exploits1References7
cve
cve
added 2025/08/19 11:2 a.m.26 views

CVE-2025-9135

CVE-2025-9135 affects Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr on Android up to version 12.1.1(258). Root cause: improper export of AndroidManifest.xml components due to manipulation of an unknown function, enabling a local attack. Public exploit exists. Im...

5.5CVSS5AI score0.00257EPSS
Exploits1References7Affected Software1
ossf
ossf
added 2025/08/14 6:52 p.m.0 views

Malicious code in bim-authorization (npm)

The package bim-authorization was found to contain malicious code...

7AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.2 views

MAL-2025-9827 Malicious code in @zalastax/nolb-_bim (npm)

The package @zalastax/nolb-bim was found to contain malicious code...

7.2AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.0 views

MAL-2025-15687 Malicious code in bim-authorization (npm)

The package bim-authorization was found to contain malicious code...

7.2AI score
Exploits0
openbugbounty
openbugbounty
added 2023/06/13 2:49 p.m.8 views

iso16757-bim.com Cross Site Scripting vulnerability OBB-3424546

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
cnvd
cnvd
added 2022/01/27 12:0 a.m.36 views

FreeCAD ODA Command Injection Vulnerability

FreeCad is a free and open source general-purpose parametric 3D Cad modeler from the FreeCad community and supports the finite element method of building information modeling software. A command injection vulnerability exists in FreeCAD version 0.19, which stems from improper cleanup when calling...

7.8CVSS7.5AI score0.01102EPSS
Exploits1References1
openbugbounty
openbugbounty
added 2020/10/15 11:22 a.m.9 views

bim-bg.com Cross Site Scripting vulnerability OBB-1410935

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2020/10/12 10:29 a.m.6 views

bim-bg.com Cross Site Scripting vulnerability OBB-1400872

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2020/09/26 10:27 a.m.6 views

bim-architecture.com Cross Site Scripting vulnerability OBB-1365699

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
bdu_fstec
bdu_fstec
added 2020/09/24 12:0 a.m.5 views

The vulnerability of the graphical programming extension for Dynamo BIM lies in errors during the checking of the paths for loading dynamic libraries. This allows attackers to execute arbitrary code.

The vulnerability of Dynamo BIM’s graphical programming interface relates to errors in checking the path of dynamically loaded libraries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00375EPSS
Exploits0References3Affected Software1
cnvd
cnvd
added 2020/04/20 12:0 a.m.4 views

Autodesk Dynamo BIM Code Issue Vulnerability

Autodesk Dynamo BIM is a suite of open-source graphic programming design software from Autodesk USA. A security vulnerability exists in Autodesk Dynamo BIM version 2.5.1 and 2.5.0, which originates from the program's inability to properly verify signatures. The vulnerability can be exploited by a...

7.8CVSS7.3AI score0.00375EPSS
Exploits0References1
nvd
nvd
added 2020/04/17 6:15 p.m.18 views

CVE-2020-7079

An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files...

7.8CVSS7.8AI score0.00375EPSS
Exploits0References1
osv
osv
added 2020/04/17 6:15 p.m.4 views

CVE-2020-7079

An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files...

7.8CVSS7.5AI score0.00375EPSS
Exploits0References1
prion
prion
added 2020/04/17 6:15 p.m.22 views

Input validation

An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files...

4.4CVSS7.8AI score0.00375EPSS
Exploits0References1Affected Software1
cve
cve
added 2020/04/17 5:54 p.m.140 views

CVE-2020-7079

The CVE-2020-7079 entry concerns Autodesk Dynamo BIM, affected in versions 2.5.0 and 2.5.1, where improper signature validation could enable code execution via maliciously crafted DLL files. The vulnerability targets the signature verification process and could be triggered locally with user inte...

7.8CVSS7.8AI score0.00375EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder