Lucene search
+L

137 matches found

OSV
OSV
added 2024/10/24 10:15 p.m.6 views

UBUNTU-CVE-2024-49760

OpenRefine is a free, open source tool for working with messy data. The load-language command expects a lang parameter from which it constructs the path of the localization file to load, of the form translations-$LANG.json. But when doing so in versions prior to 3.8.3, it does not check that the...

7.1CVSS5.8AI score0.00597EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/09/26 12:0 a.m.4 views

Agnaistic 安全漏洞

Agnaistic is a chatbot from Agnaistic Open Source. A security vulnerability exists in Agnaistic version 1.0.330 and earlier versions. An attacker can exploit this vulnerability to read arbitrary JSON files at any location on the server...

4.3CVSS6.4AI score0.00468EPSS
Exploits0References2
OSV
OSV
added 2024/08/31 12:15 a.m.8 views

AZL-48412 CVE-2024-8006 affecting package nmap for versions less than 7.95-2

Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcapfindalldevsex. One of the function arguments can be a filesystem path, which normally means a directory with...

4.4CVSS6.4AI score0.0022EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/06/30 2:0 p.m.6 views

R Language Vulnerable to Arbitrary Code Execution via Malicious RDS Files (v1.4.0–<4.4.0)

...

8.8CVSS8.1AI score0.23618EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.7 views

PT-2024-26268 · Taurusxin · Ncmdump

Name of the Vulnerable Software and Affected Versions: taurusxin ncmdump version 1.3.2 Description: The issue allows attackers to cause a Denial of Service DoS via memory exhaustion by supplying a crafted .ncm file. Recommendations: For version 1.3.2, consider avoiding the use of crafted .ncm fil...

7.5CVSS7.1AI score0.00642EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/05/17 12:0 a.m.10 views

The vulnerability of the R programming language interpreter, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code in the target system.

The vulnerability of the R programming language interpreter is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using specially created RDS and .rdx files...

8.1CVSS8.4AI score0.23618EPSS
Exploits0References9Affected Software3
OSV
OSV
added 2024/04/29 1:15 p.m.3 views

DEBIAN-CVE-2024-27322

Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user’s system when interacted...

8.8CVSS8.6AI score0.23618EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/09/18 6:15 a.m.6 views

CVE-2023-42520

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...

7.5CVSS7.1AI score0.00515EPSS
Exploits0References2
OSV
OSV
added 2023/09/18 6:15 a.m.7 views

CVE-2023-42520

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...

7.5CVSS5.6AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2023/09/18 6:15 a.m.13 views

CVE-2023-42520

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...

7.5CVSS7.5AI score0.00515EPSS
Exploits0References1
Prion
Prion
added 2023/09/18 6:15 a.m.18 views

Code injection

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...

5CVSS7.5AI score0.00515EPSS
Exploits0References1Affected Software7
Prion
Prion
added 2023/09/18 6:15 a.m.19 views

Code injection

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Clien...

5CVSS7.5AI score0.00515EPSS
Exploits0References1Affected Software7
Vulnrichment
Vulnrichment
added 2023/09/18 12:0 a.m.11 views

CVE-2023-42520

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...

7AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/18 12:0 a.m.22 views

CVE-2023-42520

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...

7.7AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/18 12:0 a.m.31 views

CVE-2023-42526

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Clien...

7.7AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/18 12:0 a.m.20 views

CVE-2023-42526

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Clien...

7AI score0.00515EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/03/26 12:0 a.m.9 views

The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory when processing USD files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

7.8CVSS8AI score0.00421EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.4 views

SUSE CVE-2021-42771

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

7.8CVSS8.3AI score0.00716EPSS
Exploits1References16
OSV
OSV
added 2022/10/18 3:14 p.m.26 views

GO-2022-1040 Insufficient sanitization of data files in helm.sh/helm/v3

Helm does not sanitize all fields read from repository data files. A maliciously crafted data file may contain strings containing arbitrary data. If printed to a terminal, a malicious string could obscure or alter data on the screen...

6.8CVSS6.6AI score0.0103EPSS
Exploits0References2
Fedora
Fedora
added 2022/07/30 1:55 a.m.16 views

[SECURITY] Fedora 36 Update: golang-github-axgle-mahonia-0-0.14.20181112git3358181.fc36

Mahonia is a character-set conversion library implemented in Go. All data is compiled into the executable; it doesn't need any external data files...

5AI score
Exploits0
Rows per page
Query Builder