Lucene search
K

116 matches found

Positive Technologies
Positive Technologies
added 2025/05/29 12:0 a.m.8 views

PT-2025-31243 · Autodesk · Autodesk Products

Name of the Vulnerable Software and Affected Versions: Autodesk products affected versions not specified Description: A maliciously crafted PRT file, when parsed, can lead to an Out-of-Bounds Write. This can result in a crash, data corruption, or arbitrary code execution within the current proces...

7.8CVSS7.3AI score0.00163EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 4:8 a.m.5 views

CVE-2023-38524

A vulnerability has been identified in Parasolid V34.1 All versions V34.1.258, Parasolid V35.0 All versions V35.0.254, Parasolid V35.1 All versions V35.1.171, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter Visualization...

7.8CVSS7AI score0.00189EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:49 a.m.8 views

CVE-2023-32418

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution...

7.8CVSS6.7AI score0.00423EPSS
Exploits0References1
CVE
CVE
added 2025/05/23 1:5 a.m.59 views

CVE-2025-5099

CVE-2025-5099 affects Mobile Dynamix PrinterShare Mobile Print (Android). The KoreLogic advisory KL-001-2025-004 states an Out-of-Bounds Write in the native library during PDF rendering (libpdfrender.so) can cause memory corruption and potentially arbitrary code execution. Affected version: up to...

9.8CVSS7.5AI score0.00576EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 6:18 p.m.11 views

CVE-2021-21797

An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lea...

8.8CVSS6.9AI score0.15046EPSS
Exploits1References1
NVD
NVD
added 2025/05/19 8:15 a.m.16 views

CVE-2025-47755

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...

8.4CVSS0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/15 12:0 a.m.11 views

Debian dla-4163 : bundler - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4163 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4163-1 [email protected]...

9.3CVSS8.4AI score0.02796EPSS
Exploits1References8
CVE
CVE
added 2025/04/29 1:13 p.m.151 views

CVE-2025-4091

CVE-2025-4091 involves memory-safety bugs in Mozilla Firefox and Thunderbird. The initial entry notes memory corruption evidence and indicates that attackers could potentially exploit some bugs to run arbitrary code, affecting Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and T...

8.1CVSS7.3AI score0.00415EPSS
Exploits0References6Affected Software2
CNVD
CNVD
added 2025/04/09 12:0 a.m.7 views

PyTorch torch.nn.utils.rnn.unpack_sequence function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer overflow vulnerability that stems from the failure of the function torch.nn.utils.rnn.unpacksequence to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary co...

5.3CVSS8.1AI score0.00185EPSS
Exploits0References1
Adobe
Adobe
added 2025/04/08 12:0 a.m.19 views

APSB25-33 : Security update available for Adobe FrameMaker

Adobe has released a security update for Adobe FrameMaker. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak and application denial-of-service...

8.1AI score
Exploits0
Cvelist
Cvelist
added 2025/04/04 5:22 a.m.18 views

CVE-2024-13645 TagDiv Composer <= 5.3 - Unauthenticated Arbitrary PHP Object Instantiation

The tagDiv Composer plugin for WordPress is vulnerable to PHP Object Instantiation in all versions up to, and including, 5.3 via module parameter. This makes it possible for unauthenticated attackers to Instantiate a PHP Object. No known POP chain is present in the vulnerable software, which mean...

9.8CVSS0.00667EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 10:11 a.m.5 views

CVE-2024-8238 Unrestricted Code Execution in aimhubio/aim

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

5.9CVSS6.5AI score0.00702EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/20 7:29 a.m.13 views

CVE-2025-2505 Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang'

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those...

9.8CVSS9.9AI score0.01229EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2021-35266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NTFS-3G versions 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory...

7.8CVSS6.8AI score0.00488EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2020-8945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This lea...

7.5CVSS7.1AI score0.05071EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/02/18 12:0 a.m.9 views

Mozilla Firefox < 135.0.1

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 135.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-12 advisory. - Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume...

6.5CVSS7.6AI score0.00436EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : OpenRefine vulnerabilities (USN-7260-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7260-1 advisory. It was discovered that OpenRefine did not properly handle opening tar files. If a user or application were tricked into opening a...

9.8CVSS7.6AI score0.45473EPSS
Exploits8References11
RedhatCVE
RedhatCVE
added 2025/02/05 7:44 p.m.8 views

CVE-2022-40985

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01649EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:2 a.m.11 views

CVE-2024-10571

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

9.8CVSS7.9AI score0.04841EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2025/02/04 12:0 a.m.12 views

mozilla -- multiple vulnerabilities

[email protected] reports: A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have...

9.8CVSS8.2AI score0.00628EPSS
Exploits0References4
Rows per page
Query Builder