Lucene search
K

154 matches found

ATTACKERKB
ATTACKERKB
added 2025/08/20 3:37 p.m.7 views

CVE-2011-10023

MJM QuickPlayer also known as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code...

8.4CVSS6.3AI score0.00324EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2025/08/20 3:37 p.m.12 views

CVE-2011-10024

CVE-2011-10024 affects MJM Core Player (2011) where the .s3m file parser has a stack-based buffer overflow due to improper bounds checking. The vulnerability is triggered when a user opens a crafted .s3m file, allowing an attacker to overwrite stack memory and execute arbitrary code. Exploitation...

8.4CVSS7.5AI score0.00331EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/20 3:37 p.m.9 views

CVE-2011-10024 MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

8.4CVSS0.00331EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.9 views

PT-2025-34104

Name of the Vulnerable Software and Affected Versions MJM QuickPlayer version 2010 Description MJM QuickPlayer also known as MJM Player contains a stack-based buffer overflow triggered by opening a malicious .s3m music file. This issue arises from improper bounds checking in the file parser, whic...

8.4CVSS8AI score0.00324EPSS
Exploits0References7
Adobe
Adobe
added 2025/07/08 12:0 a.m.11 views

APSB25-60 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical vulnerabilities that could lead to arbitrary code execution...

8.2AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 5:57 a.m.4 views

CVE-2017-8776

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...

7.5CVSS7.5AI score0.00926EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Ensure That Removable Device Partitions Are Mounted Using noexec and nodev

The security of removable devices cannot be ensured completely due to a lot of factors, such as the source, usage, and transportation process. In this sense, removable devices are the main host for viruses. Therefore, removable devices must be mounted using noexec and nodev to improve security an...

6.8AI score
Exploits0References4
Packet Storm
Packet Storm
added 2025/02/14 12:0 a.m.352 views

Using Valgrind on Chrome

Brief script that demonstrates running valgrind and afl-fuzz on Google Chrome. This favorite code for security auditing and memory leak detection with Valgrind runs the Valgrind tool and several other tools to check for memory leaks, which can lead to resource buffer overflows and more. Exploit /...

7.3AI score
Exploits0
Adobe
Adobe
added 2025/02/11 12:0 a.m.24 views

APSB25-10 : Security update available for Adobe InCopy

Adobe has released a security update for Adobe InCopy. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution...

7.8CVSS8.2AI score0.00327EPSS
Exploits0Affected Software1
Adobe
Adobe
added 2025/02/11 12:0 a.m.89 views

APSB25-08 : Security update available for Adobe Commerce

Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, security feature bypass and privilege escalation...

6.8AI score
Exploits0Affected Software3
RedhatCVE
RedhatCVE
added 2025/02/05 3:38 a.m.6 views

CVE-2024-45398

Contao is an Open Source CMS. In affected versions a back end user with access to the file manager can upload malicious files and execute them on the server. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to update are advised to configure their web server so it does...

8.8CVSS7.1AI score0.00532EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.4 views

PT-2025-4053 · Unknown · Esafenet Cdg

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG version V5 Description: A critical issue has been found in an unknown functionality of the file "/todoDetail.jsp". The manipulation of the flowId argument leads to SQL injection. The attack can be launched remotely. The exploit h...

9.8CVSS7.1AI score0.00585EPSS
Exploits1References11
CVE
CVE
added 2024/07/31 4:42 p.m.64 views

CVE-2024-41953

ZITAdel ( Zitadel ) has a vulnerability (CVE-2024-41953) due to improper HTML sanitization in emails and Console UI. The issue allows untrusted user- or admin-provided content (such as usernames and email body content) to include HTML/JS that could render in emails and user pages. Impact describe...

6.1CVSS4.6AI score0.00608EPSS
Exploits0References15Affected Software1
GithubExploit
GithubExploit
added 2024/01/26 9:35 a.m.396 views

Exploit for CVE-2023-47400

CVE-2023-47400 Proof of Concept for the CVE-2023-47400 Aut...

8.9AI score
Exploits1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.7 views

PT-2024-14051 · Buffalo · Buffalo Ls210D

Name of the Vulnerable Software and Affected Versions: Buffalo LS210D version 1.78-0.03 Description: The issue allows a remote attacker to execute arbitrary code via the Firmware Update Script at "/etc/init.d/update notifications.sh". Recommendations: For Buffalo LS210D version 1.78-0.03, as a...

8.1CVSS8.3AI score0.01312EPSS
Exploits1References5
OSV
OSV
added 2023/11/02 2:15 p.m.4 views

CVE-2023-29044

Documents operations could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborating parties does now get...

5.4CVSS5.9AI score0.00383EPSS
Exploits0References2
OSV
OSV
added 2023/10/19 7:54 a.m.6 views

SUSE-SU-2023:4130-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. bsc1215935 - CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to leak sensitive information. bsc1215936...

7.8CVSS7.7AI score0.00536EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-7782

An error in the "WindowsDllDetourPatcher" where a RWX "Read/Write/Execute" 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird 52.3, Firefox...

5.3CVSS8.7AI score0.01079EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-15785

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
OSV
OSV
added 2022/07/04 6:30 p.m.10 views

CLSA-2022-1656959440 Fixed CVE-2016-10009 in openssh-5.3p1

CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...

7.5CVSS7.1AI score0.37431EPSS
Exploits4References1
Rows per page
Query Builder