Lucene search
K

129 matches found

CNNVD
CNNVD
added 2024/06/18 12:0 a.m.5 views

Actiontec Electronics WEB6000Q Security Vulnerability

Actiontec Electronics WEB6000Q is a wireless extender from Actiontec Electronics, Inc. A security vulnerability exists in the Actiontec Electronics WEB6000Q that stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length stack-based buffer. ...

8.8CVSS7.2AI score0.01119EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.3 views

CVE-2023-51596

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...

7.1CVSS6.2AI score0.01493EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/03 3:15 a.m.3 views

CVE-2023-42083

PDF-XChange Editor JPG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

7.8CVSS6.2AI score0.00439EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.4 views

CVE-2023-37342

Kofax Power PDF PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.6AI score0.00271EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/03 2:15 a.m.5 views

CVE-2023-34289

Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS6.2AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Hancom Office 安全漏洞

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A security vulnerability exists in Hancom Office that stems from a lack of proper validation of the length of user-supplied data before copying it to a...

7.8CVSS7.6AI score0.00338EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.3 views

GStreamer 安全漏洞

GStreamer is a set of frameworks for processing streaming media. A security vulnerability exists in GStreamer that stems from a lack of proper validation of the length of user-supplied data before copying it to a stack-based fixed-length buffer...

8.8CVSS6.8AI score0.01534EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/01 12:0 a.m.5 views

PT-2024-9031 · Trimble · Trimble Sketchup Viewer

Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this issue, where...

7.8CVSS7.2AI score0.0034EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/04/03 12:0 a.m.4 views

Kofax Power PDF 安全漏洞

Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a specific flaw in the parsing of PDF files, which lacks proper validation of the length of user-supplied data prior to copying it into a heap-based...

7.8CVSS8AI score0.00415EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/02/27 3:56 a.m.8 views

SUSE CVE-2023-52454

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmettcpbuildpduiovec. Unable to handle kernel NULL pointer dereference a...

6.5CVSS7.6AI score0.00228EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2024/01/04 12:0 a.m.11 views

PT-2024-14203 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required, where the target must visit a malicious page...

7.8CVSS7.2AI score0.0087EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/03 12:0 a.m.9 views

PT-2023-7232 · Gstreamer +6 · Gstreamer +6

Name of the Vulnerable Software and Affected Versions: GStreamer affected versions not specified Description: The issue is related to a heap-based buffer overflow in the AV1 Codec parsing of the GStreamer multimedia framework. This allows remote attackers to execute arbitrary code on affected...

10CVSS8AI score0.02189EPSS
Exploits0References83
Positive Technologies
Positive Technologies
added 2023/09/08 12:0 a.m.4 views

PT-2023-28245 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

7.8CVSS7.3AI score0.00439EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.5 views

PT-2023-4042 · Gstreamer +6 · Gstreamer +6

Name of the Vulnerable Software and Affected Versions: GStreamer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. The specific flaw exists within the parsing of SRT subtitle files, resulting from the...

10CVSS7.7AI score0.02189EPSS
Exploits0References89
CNNVD
CNNVD
added 2023/04/20 12:0 a.m.6 views

Sonos One Speaker 安全漏洞

Sonos One Speaker is a smart speaker from Sonos USA. A security vulnerability exists in Sonos One Speaker version 70.3-35220, which stems from a failure to properly validate the length of user-supplied data. An attacker could exploit the vulnerability to execute code in a rooted environment...

8.8CVSS8.5AI score0.00814EPSS
Exploits0References3
OSV
OSV
added 2023/03/29 7:15 p.m.3 views

CVE-2022-42431

This vulnerability allows local attackers to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. The issue results from...

7.8CVSS6.2AI score0.00312EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/03/16 12:0 a.m.22 views

Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of USD...

7.8CVSS7.7AI score0.00421EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.9 views

Ffmpeg integer overflow vulnerability (CNVD-2025-01690)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the Ffmpeg team. FFmpeg suffers from an integer overflow vulnerability that stems from a failure to properly validate data length in the g729parse function when processing specially crafted files. An attack...

5.5CVSS6.7AI score0.0089EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.3 views

Bentley Systems MicroStation 代码注入漏洞

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A code injection vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.34, which originates from a failure to properly validate the length of user-supplied data...

7.8CVSS7.7AI score0.00897EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.23 views

HP 多款产品跨站脚本漏洞

HP Color LaserJet Pro and others are products of Hewlett-Packard HP in the U.S. HP Color LaserJet Pro is a line of color printers.HP PageWide Pro is a line of multifunction printers.HP LaserJet Printers is a line of... A security vulnerability exists in multiple HP products that stems from a lack...

6.1CVSS7.4AI score0.00695EPSS
Exploits0References4
Rows per page
Query Builder