Lucene search
K

71 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/03/31 12:0 a.m.41 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

5.3CVSS7.5AI score0.00939EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/28 12:0 a.m.25 views

CVE-2023-26342 ZDI-CAN-19413: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

5.5CVSS5.2AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/03/16 12:0 a.m.19 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS5.7AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.20 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.46 views

Microsoft 3D Builder GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.18 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.25 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.29 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.6AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.18 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.23 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.6AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.40 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.26 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/01/18 12:0 a.m.48 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.1 views

PT-2023-1053 · Microsoft · 3D Builder

Name of the Vulnerable Software and Affected Versions: 3D Builder affected versions not specified Description: The issue is related to insufficient input validation in the 3D Builder program, which can allow an attacker to execute arbitrary code by opening a specially crafted malicious file. This...

7.8CVSS9.5AI score0.00939EPSS
Exploits0References35
Cvelist
Cvelist
added 2022/10/14 7:50 p.m.22 views

CVE-2022-38443 Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.5 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a...

5.5CVSS5.3AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/14 7:50 p.m.25 views

CVE-2022-38441 Adobe Dimension GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe Dimension versions 3.4.5 is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation...

7.8CVSS7.7AI score0.00453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/10/14 12:0 a.m.25 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLB...

7.8CVSS5.2AI score0.00453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/10/14 12:0 a.m.25 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS3.2AI score0.00325EPSS
Exploits0References1
Prion
Prion
added 2022/03/21 11:15 a.m.11 views

Command injection

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware...

7.5CVSS9.8AI score0.01464EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2022/03/21 10:46 a.m.85 views

CVE-2021-45878

CVE-2021-45878 affects GARO Wallbox GLB/GTB/GTC family. Root cause: lack of access control on web manager pages, enabling any user to view and modify information. Impact: potential unauthorized view/modify of data (high confidentiality and integrity impact per the CVE’s metadata; network vector, ...

9.1CVSS9AI score0.01068EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder