Lucene search
K

116 matches found

Ubuntu
Ubuntu
added 2025/01/22 3:35 p.m.157 views

USN-7223-1: OpenJPEG vulnerabilities

Frank Zeng discovered that OpenJPEG incorrectly handled memory when using the decompression utility. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-56826, CVE-2024-56827...

5.6CVSS7.2AI score0.00309EPSS
Exploits0
Cvelist
Cvelist
added 2025/01/14 6:3 p.m.21 views

CVE-2025-21171 .NET Remote Code Execution Vulnerability

...

7.5CVSS0.01637EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/13 12:0 a.m.34 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : xmltok library vulnerabilities (USN-7199-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7199-1 advisory. It was discovered that Expat, contained within the xmltok library, incorrectly handled malformed XML data. If...

9.8CVSS8.2AI score0.19069EPSS
Exploits6References13
OSV
OSV
added 2025/01/07 4:15 p.m.12 views

CVE-2025-0242

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary cod...

6.5CVSS7.2AI score
Exploits0References7
OSV
OSV
added 2024/07/02 8:15 p.m.10 views

UBUNTU-CVE-2023-24531

Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...

9.8CVSS7.1AI score0.00833EPSS
Exploits0References9
CNVD
CNVD
added 2024/06/28 12:0 a.m.14 views

Autodesk AutoCAD Out-of-Bounds Read Vulnerability (CNVD-2024-33000)

Autodesk AutoCAD is a set of professional 3D drawing software from the American Autodesk Corporation. An out-of-bounds read vulnerability exists in Autodesk AutoCAD version 2024.1.5, which stems from a lack of proper validation of user-supplied data when parsing a maliciously crafted MODEL file i...

7.8CVSS7.2AI score0.00403EPSS
Exploits0References1
Redos
Redos
added 2024/03/13 12:0 a.m.3 views

ROS-2-2077

2.2077 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS8.6AI score0.01368EPSS
Exploits0
Lenovo
Lenovo
added 2024/02/13 11:14 p.m.10 views

Multi-vendor BIOS Security Vulnerabilities (February, 2024) - Lenovo Support US

No description provided...

6.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/12 12:0 a.m.5 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.5AI score0.00464EPSS
Exploits0References3
OSV
OSV
added 2023/06/02 5:15 p.m.6 views

CVE-2023-23605

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...

8.8CVSS7.4AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/13 12:0 a.m.3 views

PT-2023-14075 · Nvidia · Nvidia Bmc

Name of the Vulnerable Software and Affected Versions: NVIDIA BMC affected versions not specified Description: The issue is related to a buffer overflow in the IPMI handler of NVIDIA BMC, which can be exploited by an authorized attacker to cause a denial of service or potentially gain code...

7.8CVSS7.7AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 2022/12/22 8:15 p.m.12 views

CVE-2022-46878

Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8.8CVSS9.8AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/10/21 12:0 a.m.7 views

PT-2022-26662 · Autodesk · Autodesk Design Review

Name of the Vulnerable Software and Affected Versions: Autodesk DesignReview versions affected versions not specified Description: A maliciously crafted .dwf or .pct file consumed through the DesignReview.exe application could lead to a memory corruption issue due to a write access violation. Thi...

7.8CVSS7.8AI score0.00338EPSS
Exploits0References3
OSV
OSV
added 2022/06/14 9:57 a.m.6 views

SUSE-SU-2022:2071-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.36.3 bsc1200106 - CVE-2022-30293: Fixed heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer bsc1199287. - CVE-2022-26700: Fixed memory corruption issue that may lead to code execution when processi...

8.8CVSS8.8AI score0.02158EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2022/04/18 4:56 p.m.3 views

CVE-2020-28615

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...

10CVSS8.9AI score0.02256EPSS
Exploits1References3
OSV
OSV
added 2021/09/23 4:49 a.m.3 views

MGASA-2021-0427 Updated thunderbird packages fix security vulnerability

Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Thunderbird ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code CVE-2021-38493. The...

8.8CVSS9.2AI score0.01205EPSS
Exploits0References11
CNVD
CNVD
added 2021/01/22 12:0 a.m.10 views

ASUS RT-AX86U suffers from a buffer overflow vulnerability

The RT-AX86U is a WiFi6 gaming router. The ASUS RT-AX86U suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a memory corruption that could lead to code execution...

8.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/09/01 12:0 a.m.7 views

PT-2020-14809 · N Tron · N-Tron 702M12-W +1

Name of the Vulnerable Software and Affected Versions: N-Tron 702-W / 702M12-W all versions Description: The issue concerns reflected cross-site scripting, which could allow an attacker to execute arbitrary code and perform actions in the context of an attacked user. Recommendations: For all...

9CVSS9.2AI score0.03233EPSS
Exploits2References5
OSV
OSV
added 2017/11/16 7:39 a.m.9 views

MGASA-2017-0410 Updated flash-player-plugin packages fixes security vulnerabilities

Adobe Flash Player 27.0.0.187 addresses critical vulnerabilities that could lead to code execution. The update fixes out-of-bounds reads CVE-2017-3112, CVE-2017-3114, CVE-2017-11213 and use-after-free issues CVE-2017-11215, CVE-2017-11225...

10CVSS9.9AI score0.06518EPSS
Exploits0References3
OSV
OSV
added 2017/08/28 10:48 p.m.10 views

MGASA-2017-0317 Chromium-browser 60.0.3112.101 fixes security issues

Multiple flaws were found in the way Chromium 57 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060,...

8.8CVSS8AI score0.31212EPSS
Exploits1References12
Rows per page
Query Builder