Lucene search
+L

71 matches found

ptsecurity
ptsecurity
added 2024/02/21 12:0 a.m.6 views

PT-2024-18240 · Garo · Garo Wallbox Glb+ T2Ev7

Name of the Vulnerable Software and Affected Versions: GARO WALLBOX GLB+ T2EV7 version 0.5 Description: A problematic issue was found in the Software Update Handler component, affecting an unknown part of the file /index.jspsettings. The manipulation of the Reference argument leads to cross-site...

6.1CVSS6.5AI score0.00658EPSS
Exploits1References8
zdi
zdi
added 2023/12/14 12:0 a.m.22 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS6.3AI score0.00424EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/12/13 1:10 p.m.32 views

CVE-2023-47061 ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

5.5CVSS6AI score0.00424EPSS
Exploits0References1
cvelist
cvelist
added 2023/12/13 1:10 p.m.33 views

CVE-2023-47061 ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

5.5CVSS5.3AI score0.00424EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/09/22 12:0 a.m.7 views

The vulnerability of Adobe Dimension’s 3D design software lies in its software, which allows a malicious actor to execute arbitrary code after memory is freed.

The vulnerability of Adobe Dimension’s 3D design software relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created GLB file...

7.8CVSS7.6AI score0.00299EPSS
Exploits0References5Affected Software1
zdi
zdi
added 2023/09/12 12:0 a.m.30 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

5.3CVSS6.8AI score0.00903EPSS
Exploits0References1
nvd
nvd
added 2023/08/28 1:15 p.m.21 views

CVE-2018-25089

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...

5.3CVSS4.5AI score0.00502EPSS
Exploits0References4
osv
osv
added 2023/08/28 1:15 p.m.17 views

CVE-2018-25089

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...

5.3CVSS7.2AI score
Exploits0References4
prion
prion
added 2023/08/28 1:15 p.m.20 views

Design/Logic Flaw

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...

5CVSS5.4AI score0.00502EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2023/08/28 12:31 p.m.28 views

CVE-2018-25089 glb Meetup Tag Extension Link Attribute reverse tabnabbing

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...

3.5CVSS5.4AI score0.00502EPSS
Exploits0References4
cve
cve
added 2023/08/28 12:31 p.m.42 views

CVE-2018-25089

CVE-2018-25089 affects glb Meetup Tag Extension for MediaWiki (version 0.1). Root cause involves the Link Attribute Handler allowing manipulation leading to a web link being opened in a context with window.opener access (classic reverse tabnabbing risk). Upgrading to version 0.2 mitigates the iss...

5.3CVSS4.7AI score0.00502EPSS
Exploits0References4Affected Software1
vulnrichment
vulnrichment
added 2023/08/28 12:31 p.m.13 views

CVE-2018-25089 glb Meetup Tag Extension Link Attribute reverse tabnabbing

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...

3.5CVSS6.9AI score0.00502EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2023/08/28 12:0 a.m.5 views

PT-2023-10829 · Mediawiki · Glb Meetup Tag Extension

Name of the Vulnerable Software and Affected Versions: glb Meetup Tag Extension version 0.1 Description: A vulnerability was found in the glb Meetup Tag Extension on MediaWiki, affecting the Link Attribute Handler component. The issue leads to the use of a web link to an untrusted target with...

5.3CVSS7.2AI score0.00502EPSS
Exploits0References9
zdi
zdi
added 2023/08/14 12:0 a.m.25 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS5.8AI score0.00274EPSS
Exploits0References1
zdi
zdi
added 2023/08/14 12:0 a.m.20 views

Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLB...

7.8CVSS6.8AI score0.003EPSS
Exploits0References1
zdi
zdi
added 2023/08/14 12:0 a.m.18 views

Adobe Dimension GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLB...

7.8CVSS6.8AI score0.00299EPSS
Exploits0References1
cvelist
cvelist
added 2023/08/09 8:23 a.m.20 views

CVE-2023-38212 ZDI-CAN-21093: Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS8AI score0.003EPSS
Exploits0References1
cvelist
cvelist
added 2023/08/09 8:23 a.m.24 views

CVE-2023-38213 ZDI-CAN-21094: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a...

5.5CVSS6.2AI score0.00274EPSS
Exploits0References1
zdi
zdi
added 2023/03/31 12:0 a.m.22 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.8AI score
Exploits0
zdi
zdi
added 2023/03/31 12:0 a.m.14 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.8AI score
Exploits0
Rows per page
Query Builder