Lucene search
K

60 matches found

RedhatCVE
RedhatCVE
added 2025/07/05 12:4 p.m.8 views

CVE-2025-40723

Stored Cross-Site Scripting XSS vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the footertext and announcement parameters in config.php...

5.1CVSS4.7AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2024/11/22 9:15 p.m.18 views

CVE-2024-8848

PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

5.5CVSS0.00261EPSS
Exploits0References1
NVD
NVD
added 2024/11/22 9:15 p.m.11 views

CVE-2024-11567

IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

7.8CVSS0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.12 views

CVE-2024-5580 Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability

Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS8AI score0.0151EPSS
Exploits0References2
NVD
NVD
added 2024/09/28 6:15 a.m.22 views

CVE-2024-23938

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

8.8CVSS0.00943EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/21 4:6 p.m.31 views

CVE-2024-7601 Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability

Logsign Unified SecOps Platform Directory dataexportdeleteall Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerabilit...

7.1CVSS0.01619EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/06/21 12:0 a.m.28 views

(Pwn2Own) Ubiquiti Networks EV Station EVCLauncher Improper Certificate Validation Vulnerability

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of Ubiquiti Networks EV Station. User interaction is not required to exploit this vulnerability. The specific flaw exists within the EVCLauncher application. The...

6.3CVSS6.4AI score0.00325EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/31 12:0 a.m.21 views

Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2...

7.8CVSS7.2AI score0.00492EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/15 12:0 a.m.21 views

NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLXPR...

7.8CVSS7AI score0.14692EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/09 12:0 a.m.22 views

Dassault Systèmes eDrawings Viewer JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00338EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/05/03 3:16 a.m.16 views

CVE-2023-51594

BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...

2.6CVSS6.5AI score0.00949EPSS
Exploits0
CVE
CVE
added 2024/05/03 2:15 a.m.63 views

CVE-2023-51566

Kofax Power PDF is affected by an OXPS file parsing vulnerability described as a stack-based buffer overflow that can lead to Remote Code Execution. The flaw results from inadequate validation of the length of user-supplied data before copying it into a fixed-length stack buffer during OXPS parsi...

7.8CVSS8.1AI score0.0087EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/03 2:11 a.m.32 views

CVE-2023-40494 LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...

8.2CVSS8.3AI score0.84357EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:59 a.m.77 views

CVE-2023-38116

CVE-2023-38116 concerns Foxit PDF Reader: a Doc Object Out-of-Bounds Read that can disclose sensitive information and, with additional vulnerabilities, may enable arbitrary code execution. The flaw stems from improper validation of user-supplied data during Doc object handling, allowing reads pas...

3.3CVSS3.4AI score0.00389EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2024/05/03 1:57 a.m.27 views

CVE-2023-34309 Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit ...

7.8CVSS8.2AI score0.00401EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/02 8:15 p.m.17 views

CVE-2024-30356 Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability

Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

3.3CVSS6AI score0.00474EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/02/12 12:0 a.m.14 views

Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...

7.8CVSS7.3AI score0.00515EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/01/11 12:0 a.m.24 views

D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01126EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/12/20 12:0 a.m.25 views

Foxit PDF Reader AcroForm Doc Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/14 12:0 a.m.27 views

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS5.8AI score0.02346EPSS
Exploits0References1
Rows per page
Query Builder