Lucene search
K

5568 matches found

EUVD
EUVD
added 2026/04/14 6:30 p.m.4 views

EUVD-2026-22337

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of...

6.3CVSS5.9AI score0.00337EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.6 views

EUVD-2026-22436

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 5:5 p.m.2 views

CVE-2026-34629

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00178EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 3:30 p.m.2 views

EUVD-2026-22280

Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...

5.7CVSS5.8AI score0.00586EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32903

Bridge | Heap-based Buffer Overflow CWE-122 CVE: CVE-2026-27310 PT ID: PT-2026-32903 Vendor: Adobe Product: Bridge CVSS: 7.8 Credits: n/a Description: Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code executio...

7.8CVSS6.3AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/11 3:30 a.m.7 views

EUVD-2026-21668

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS7.6AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/11 3:30 a.m.2 views

EUVD-2026-21666

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS7.6AI score0.00265EPSS
Exploits0References2
OSV
OSV
added 2026/04/11 1:16 a.m.1 views

DEBIAN-CVE-2026-4153

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.8AI score0.00651EPSS
Exploits0References1
OSV
OSV
added 2026/04/11 1:16 a.m.4 views

UBUNTU-CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS6.2AI score0.00596EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/11 12:13 a.m.1 views

CVE-2026-5493 Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS6.2AI score0.00265EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.33 views

Adobe Reader < 26.001.21411 Vulnerability (APSB26-43)

The version of Adobe Reader installed on the remote Windows host is a version prior to 26.001.21411. It is, therefore, affected by a vulnerability. - Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes...

8.6CVSS7.9AI score0.07086EPSS
Exploits4References2
NVD
NVD
added 2026/04/07 4:17 a.m.3 views

CVE-2026-20433

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation...

8.8CVSS0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30998

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions 2026 Q1 26.1.0 and prior Description A memory corruption issue exists due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This can lead to information disclosure or arbitrary code execution. An...

8.5CVSS6AI score0.0022EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.3 views

CVE-2026-27268

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a vict...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.4 views

CVE-2026-27281

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS5.8AI score0.00179EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.3 views

CVE-2026-21311

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8CVSS5.7AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.4 views

CVE-2026-27273

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.4AI score0.00142EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/03/18 5:26 p.m.6 views

Avo has a XSS vulnerability on `return_to` param

Description A reflected cross-site scripting XSS vulnerability exists in the returnto query parameter used in the avo interface. An attacker can craft a malicious URL that injects arbitrary JavaScript, which is executed when he clicks a dynamically generated navigation button. Impact This...

6.1CVSS5.9AI score0.00264EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 4:31 a.m.3 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25593

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
Rows per page
Query Builder