Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1231 matches found

Positive Technologies
Positive Technologiesadded 2023/07/25 12:0 a.m.3 views

PT-2023-9543 · Pandoc +1 · Pandoc +1

Name of the Vulnerable Software and Affected Versions: Pandoc versions prior to 3.1.6 Description: The issue is related to insufficient input validation in the Pandoc library, which can be exploited to create or overwrite arbitrary files in the system. This can be achieved by using the...

6.3CVSS6.8AI score0.00049EPSS
Exploits1References32
CVE
CVEadded 2023/07/25 12:0 a.m.99 views

CVE-2023-38745

Pandoc-era vulnerability set affects Pandoc up to 3.1.6. CVE-2023-38745: before 3.1.6, an arbitrary file write is possible when processing crafted image elements with --extract-media or PDF output, depending on process privileges. Root cause ties to an incomplete/adjusted handling of paths and do...

6.3CVSS5.7AI score0.00049EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessusadded 2023/07/25 12:0 a.m.17 views

Debian dla-3507 : libghc-pandoc-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3507 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3507-1 [email protected]...

6.3CVSS6.3AI score0.00049EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2023/07/14 12:0 a.m.2 views

PT-2023-35907 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the initialize encryption key function, which is called by cli ole2 extra...

6.8AI score
Exploits0References2
SUSE CVE
SUSE CVEadded 2023/07/07 2:18 a.m.2 views

SUSE CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

5.3CVSS7.4AI score0.00039EPSS
Exploits1References4
OSV
OSVadded 2023/07/05 9:15 p.m.1 views

DEBIAN-CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

5CVSS6AI score0.00039EPSS
Exploits1References1
OSV
OSVadded 2023/07/05 9:15 p.m.0 views

UBUNTU-CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

6.1CVSS6.4AI score0.00039EPSS
Exploits1References3
Cvelist
Cvelistadded 2023/07/05 8:37 p.m.14 views

CVE-2023-35936 Arbitrary file write is possible in Pandoc when using PDF output or --extract-media with untrusted input

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

6.1CVSS6.7AI score0.00039EPSS
Exploits1References5
Debian CVE
Debian CVEadded 2023/07/05 8:37 p.m.118 views

CVE-2023-35936

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

6.1CVSS5.7AI score0.00039EPSS
Exploits1
CVE
CVEadded 2023/07/05 8:37 p.m.77 views

CVE-2023-35936

Pandoc (the Haskell library/CLI) is affected from 1.13 up to but not including 3.1.4. An arbitrary file write could be triggered by a crafted image element when using --extract-media or when generating PDF, enabling creation/overwrite of files based on process privileges. Root cause involves flaw...

6.1CVSS5.9AI score0.00039EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologiesadded 2023/07/04 12:0 a.m.3 views

PT-2023-9554

Name of the Vulnerable Software and Affected Versions Pandoc versions 1.13 through 3.1.4 Description Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media...

6.3CVSS6.3AI score0.00049EPSS
Exploits1References47
Microsoft CVE
Microsoft CVEadded 2023/06/26 7:0 a.m.2 views

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.

...

5.5CVSS7.1AI score0.00052EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2023/06/21 8:15 p.m.1 views

CVE-2023-25435

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits at /libtiff/tools/tiffcrop.c:3753...

5.5CVSS7.1AI score0.00052EPSS
Exploits1References2
OSV
OSVadded 2023/06/21 8:15 p.m.0 views

UBUNTU-CVE-2023-25435

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits at /libtiff/tools/tiffcrop.c:3753...

5.5CVSS7.1AI score0.00052EPSS
Exploits1References2
RedHat Linux
RedHat Linuxadded 2023/06/21 2:50 p.m.4 views

libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to a use-after-free problem in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service...

6.8CVSS7.3AI score0.00014EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2023/06/21 2:50 p.m.2 views

libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification...

6.8CVSS7.3AI score0.00026EPSS
Exploits1References4
Microsoft CVE
Microsoft CVEadded 2023/06/19 7:0 a.m.3 views

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.

...

8.8CVSS7.1AI score0.00236EPSS
Exploits1
OSV
OSVadded 2023/06/14 8:15 p.m.1 views

DEBIAN-CVE-2023-25434

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes at /libtiff/tools/tiffcrop.c:3215...

8.8CVSS6.7AI score0.00236EPSS
Exploits1References1
OSV
OSVadded 2023/06/14 8:15 p.m.1 views

UBUNTU-CVE-2023-25434

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes at /libtiff/tools/tiffcrop.c:3215...

8.8CVSS6.8AI score0.00236EPSS
Exploits1References3
OSV
OSVadded 2023/05/19 3:15 p.m.2 views

UBUNTU-CVE-2023-30775

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c...

5.5CVSS7.3AI score0.00073EPSS
Exploits0References4
Rows per page
Query Builder