Lucene search
K

37 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/03/11 12:0 a.m.19 views

Dassault Systèmes eDrawings IPT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.2AI score0.00338EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/03/11 12:0 a.m.21 views

Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.2AI score0.00338EPSS
Exploits0References1
NVD
NVD
added 2024/02/28 6:15 p.m.19 views

CVE-2024-1847

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

7.8CVSS7.9AI score0.00338EPSS
Exploits0References1
Prion
Prion
added 2024/02/28 6:15 p.m.23 views

Heap overflow

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

4.4CVSS8.1AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/28 5:34 p.m.29 views

CVE-2024-1847 Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

7.8CVSS8.1AI score0.00338EPSS
Exploits0References1
Veracode
Veracode
added 2022/07/06 12:43 a.m.20 views

Improper Input Validation

In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state. A flaw was found in the Puppet...

9.8CVSS8.8AI score0.00903EPSS
Exploits0References4Affected Software2
RedhatCVE
RedhatCVE
added 2022/04/04 9:20 a.m.26 views

CVE-2022-0675

A flaw was found in the Puppet Firewall module. In certain situations, an unmanaged rule can exist on the target system that has the same comment as a rule specified in the manifest. When this condition is true, Puppet will ignore the unmanaged rule and continue to apply the rule in the manifest...

9.8CVSS1.2AI score0.00903EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2016:2018-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.05676EPSS
Exploits10References14
CVE
CVE
added 2017/08/02 5:0 p.m.68 views

CVE-2017-1118

IBM WebSphere MQ Internet Pass-Thru (MQIPT) versions 2.0 and 2.1 are affected by CVE-2017-1118 due to an incorrectly configured security policy that can cause MQIPT to stop responding. The IBM bulletin notes that this denial-of-service condition arises when IP addresses not configured in the MQIP...

7.5CVSS7.3AI score0.01868EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2016/09/15 7:39 a.m.5 views

kernel: netfilter: missing bounds check in ipt_entry structure

A security flaw was found in the Linux kernel in the marksourcechains function in "net/ipv4/netfilter/iptables.c". It is possible for a user-supplied "iptentry" structure to have a large "nextoffset" field. This field is not bounds checked prior to writing to a counter value at the supplied offse...

8.4CVSS7.3AI score0.01234EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/09/15 7:38 a.m.3 views

kernel: netfilter: missing bounds check in ipt_entry structure

A security flaw was found in the Linux kernel in the marksourcechains function in "net/ipv4/netfilter/iptables.c". It is possible for a user-supplied "iptentry" structure to have a large "nextoffset" field. This field is not bounds checked prior to writing to a counter value at the supplied offse...

8.4CVSS7.3AI score0.01234EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/09/14 11:41 p.m.6 views

kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt

An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt. The function call is normally restricted to root, however some processes with capsysadmin may also be able to trigger this flaw in privileged container environments...

7.1CVSS7.1AI score0.01885EPSS
Exploits1References4
CVE
CVE
added 2015/06/28 2:0 p.m.40 views

CVE-2015-0173

IBM WebSphere MQ Internet Pass-Thru (MQIPT) HTTP connection management is affected: MQIPT Session IDs are predictable in versions 2.1.0.1 and earlier when HTTPS is disabled, enabling potential bypass of data restrictions. Affected: MQIPT HTTP sessions; root cause is predictable session IDs. Remed...

4.3CVSS6.6AI score0.01592EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2007/04/28 12:0 a.m.7 views

security flaw

The iptrecent kernel module iptrecent.c in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONGMAX, which can cause iptrecent netfilter rules to block too early, a different vulnerability than CVE-2005-2872...

2.1CVSS5.8AI score0.00389EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/10/05 7:16 p.m.4 views

security flaw

Race condition in the doaddcounters function in netfilter for Linux kernel 2.6.16 allows local users with CAPNETADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-re...

4.7CVSS5.9AI score0.00296EPSS
Exploits0References4
securityvulns
securityvulns
added 2005/12/01 12:0 a.m.71 views

MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:220 http://www.mandriva.com/security/ Package : kernel Date : November 30, 2005 Affected: 10.2 Problem Description: Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this...

5CVSS7.2AI score0.04626EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2005/10/05 12:2 p.m.4 views

security flaw

The iptrecent kernel module iptrecent.c in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service kernel panic via certain attacks such as SSH brute force, which leads to memset calls using a length based on the uint32t...

5CVSS5.8AI score0.03906EPSS
Exploits0References4
Rows per page
Query Builder