Lucene search
K

74 matches found

Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.13 views

PT-2026-51360

Name of the Vulnerable Software and Affected Versions Autodesk Fusion Desktop affected versions not specified Description A flaw in the MCP extension allows arbitrary code execution when a user visits a maliciously crafted webpage while the software is running and the extension is enabled. A...

9.6CVSS6.4AI score0.00381EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/08/30 1:49 p.m.3 views

CVE-2010-10017 WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File

WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler SEH records and execute arbitrary code. Exploitation...

8.4CVSS7.2AI score0.00304EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/30 12:0 a.m.8 views

PT-2025-35369

Name of the Vulnerable Software and Affected Versions: WM Downloader version 3.1.2.2 Description: WM Downloader version 3.1.2.2 is susceptible to a buffer overflow when handling a crafted .m3u playlist file. Insufficient input length validation allows overwriting of structured exception handler S...

8.4CVSS7.5AI score0.00304EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.9 views

The vulnerability of the XWiki platform for creating collaborative web applications lies in the insufficient verification of the authenticity of executed queries. This allows attackers to obtain the rights of the current user.

The vulnerability of the XWiki Platform lies in the insufficient verification of the authenticity of executed queries. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain the privileges of the current user through a specially created URL...

10CVSS7.6AI score0.00381EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/11/28 9:15 p.m.5 views

CVE-2023-29065

The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database...

4.3CVSS5.8AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/28 12:0 a.m.5 views

BD FACSChorus Security Breach

BD FACSChorus is a multichannel flow cytometry system from BD Medical BD. A security vulnerability exists in the BD FACSChorus that originates from a software database that can be directly accessed with the privileges of the currently logged in user...

4.3CVSS6.7AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.2 views

Safety 代码问题漏洞

Safety is a Python based software package for checking the safety of programs. A security vulnerability exists in Safety Designer 1.11.0 and earlier versions, which stems from a deserialization vulnerability in the .NET Framework classes used and not properly checked, which allows an attacker to...

7.8CVSS7.5AI score0.00335EPSS
Exploits0References3
CNVD
CNVD
added 2022/05/31 12:0 a.m.27 views

Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability

Microsoft Support Diagnostic Tool MSDT, Microsoft Support Diagnostic Tool is a utility program used to troubleshoot and collect diagnostic data for professionals to analyze and solve problems.Microsoft Office is a popular office software developed by Microsoft Corporation. Microsoft Support...

9.3CVSS8.3AI score0.99374EPSS
Exploits62References1
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.6 views

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with the privileges of the current user, using a specially crafted file...

8.8CVSS7.9AI score0.06231EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/02/28 12:0 a.m.1 views

Cisco UCS Manager Software Operating System Command Injection Vulnerability

The Cisco UCS 6400 Series Fabric Interconnects is a 6400 series switching matrix device from Cisco USA. An operating system command injection vulnerability exists in the local management CLI in Cisco UCS Manager Software, which stems from the program's failure to perform sufficient input validati...

7.8CVSS7.9AI score0.00439EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/02/11 12:0 a.m.8 views

PT-2020-1632 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code in the contex...

7.6CVSS7.6AI score0.10124EPSS
Exploits0References10
CNVD
CNVD
added 2019/10/11 12:0 a.m.1 views

Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36635)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge suffers from a memory corruption vulnerability in the Chakra scripting engine. The vulnerability stems from a problem in the way the Chakra scripting engine handles objects...

7.6CVSS7.2AI score0.09703EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/11 12:0 a.m.2 views

Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36636)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge suffers from a memory corruption vulnerability in the Chakra scripting engine. The vulnerability stems from a problem in the way the Chakra scripting engine handles objects...

7.6CVSS7.2AI score0.09509EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/09/17 12:0 a.m.5 views

The vulnerability of the Windows operating system, related to errors in processing files with the .LNK extension, allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system is related to errors in processing files with the extension .LNK. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system with current user privileges, by placing a specially created file in a network file...

7.3CVSS6AI score0.18982EPSS
Exploits0References2
CNVD
CNVD
added 2019/09/11 12:0 a.m.3 views

Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36637)

Edge is Microsoft's browser for Windows 10, Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11 and Microsoft Edge and other web browsers. Microsoft Edge suffers from a Chakra Scripting Engine memory corruptio...

7.6CVSS7AI score0.08673EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/11 12:0 a.m.2 views

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2019-39009)

Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...

7.6CVSS7AI score0.1911EPSS
Exploits1References1
CNVD
CNVD
added 2019/09/11 12:0 a.m.3 views

Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36876)

Edge is Microsoft's browser for Windows 10, characterized as fast and secure.Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability in the Chakr...

7.6CVSS6.8AI score0.08673EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/08/16 12:0 a.m.9 views

The vulnerability of the Windows operating system, related to errors in processing files with the .LNK extension, allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system is related to errors in processing files with the extension .LNK. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system with current user privileges, by placing a specially created file in a network...

7.6CVSS6AI score0.03766EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/14 12:0 a.m.2 views

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability

Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...

7.6CVSS7AI score0.03306EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/14 12:0 a.m.2 views

Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-28645)

Edge is Microsoft's browser for Windows 10.Chakra JScript engine is a JavaScript engine developed by Microsoft for its web browsers Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability exists in Microsoft Edge. The...

7.6CVSS7.3AI score0.01934EPSS
Exploits0References1
Rows per page
Query Builder