71 matches found
PT-2024-18240 · Garo · Garo Wallbox Glb+ T2Ev7
Name of the Vulnerable Software and Affected Versions: GARO WALLBOX GLB+ T2EV7 version 0.5 Description: A problematic issue was found in the Software Update Handler component, affecting an unknown part of the file /index.jspsettings. The manipulation of the Reference argument leads to cross-site...
Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2023-47061 ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...
CVE-2023-47061 ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...
The vulnerability of Adobe Dimension’s 3D design software lies in its software, which allows a malicious actor to execute arbitrary code after memory is freed.
The vulnerability of Adobe Dimension’s 3D design software relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created GLB file...
Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
CVE-2018-25089
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...
CVE-2018-25089
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...
Design/Logic Flaw
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...
CVE-2018-25089 glb Meetup Tag Extension Link Attribute reverse tabnabbing
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...
CVE-2018-25089
CVE-2018-25089 affects glb Meetup Tag Extension for MediaWiki (version 0.1). Root cause involves the Link Attribute Handler allowing manipulation leading to a web link being opened in a context with window.opener access (classic reverse tabnabbing risk). Upgrading to version 0.2 mitigates the iss...
CVE-2018-25089 glb Meetup Tag Extension Link Attribute reverse tabnabbing
A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to versi...
PT-2023-10829 · Mediawiki · Glb Meetup Tag Extension
Name of the Vulnerable Software and Affected Versions: glb Meetup Tag Extension version 0.1 Description: A vulnerability was found in the glb Meetup Tag Extension on MediaWiki, affecting the Link Attribute Handler component. The issue leads to the use of a web link to an untrusted target with...
Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLB...
Adobe Dimension GLB File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLB...
CVE-2023-38212 ZDI-CAN-21093: Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-38213 ZDI-CAN-21094: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a...
Microsoft 3D Builder GLB File Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...