Lucene search
+L

119 matches found

Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.7 views

PT-2025-33698 · Ashlar Vellum · Ashlar-Vellum Cobalt +4

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt versions prior to 12.6.1204.204 Ashlar-Vellum Xenon versions prior to 12.6.1204.204 Ashlar-Vellum Argon versions prior to 12.6.1204.204 Ashlar-Vellum Lithium versions prior to 12.6.1204.204 Ashlar-Vellum Cobalt Share...

8.4CVSS7.3AI score0.00156EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.7 views

PT-2025-33697 · Ashlar Vellum · Ashlar-Vellum Xenon +4

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt versions prior to 12.6.1204.204 Ashlar-Vellum Xenon versions prior to 12.6.1204.204 Ashlar-Vellum Argon versions prior to 12.6.1204.204 Ashlar-Vellum Lithium versions prior to 12.6.1204.204 Ashlar-Vellum Cobalt Share...

8.4CVSS7.3AI score0.00156EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.4 views

Ashlar-Vellum多款产品 安全漏洞

Ashlar-Vellum Xenon and others are products of Ashlar-Vellum.Ashlar-Vellum Xenon is a CAD modeling software.Ashlar-Vellum Cobalt is a parametric-based computer-aided design and 3D modeling program.Ashlar-Vellum Argon is A 2D drafting and 3D modeling software. A security vulnerability exists in...

8.4CVSS7.3AI score0.00156EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.6 views

Ashlar-Vellum多款产品 缓冲区错误漏洞

Ashlar-Vellum Xenon and others are products of Ashlar-Vellum.Ashlar-Vellum Xenon is a CAD modeling software.Ashlar-Vellum Cobalt is a parametric-based computer-aided design and 3D modeling program.Ashlar-Vellum Argon is A 2D drafting and 3D modeling software. A buffer error vulnerability exists i...

8.4CVSS7.1AI score0.00158EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 1:56 a.m.8 views

CVE-2017-20106

A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...

5.3CVSS6.8AI score0.00329EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/19 8:35 a.m.4 views

Malicious code in ttd-lithium (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73c711048944c634cd49e0952d573c5c48f00dd01c409ae7ddb3848ae960a6fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/05/19 8:35 a.m.4 views

MAL-2025-4030 Malicious code in ttd-lithium (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73c711048944c634cd49e0952d573c5c48f00dd01c409ae7ddb3848ae960a6fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Wired Threat Level
Wired Threat Level
added 2024/10/21 10:0 a.m.6 views

US Government Says Relying on Chinese Lithium Batteries Is Too Risky

A new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security...

7.2AI score
Exploits0
OSV
OSV
added 2024/05/03 3:15 a.m.3 views

CVE-2023-44440

Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must...

8.8CVSS6.2AI score0.00825EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:15 a.m.6 views

CVE-2023-44440

Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must...

8.8CVSS6.2AI score0.00825EPSS
Exploits0References2
NVD
NVD
added 2024/05/03 3:15 a.m.15 views

CVE-2023-44440

Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must...

8.8CVSS8AI score0.00825EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 2:14 a.m.54 views

CVE-2023-44440

CVE-2023-44440 affects Ashlar-Vellum Lithium. The vulnerability arises during parsing of various file types, where the process loads a library from an unsecured location, enabling an attacker to execute code in the context of the current process. Exploitation requires user interaction: the target...

8.8CVSS8AI score0.00825EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.20 views

CVE-2023-44440 Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability

Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.6AI score0.00825EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.15 views

CVE-2023-44440 Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability

Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS8.2AI score0.00825EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Ashlar Vellum Lithium 安全漏洞

Ashlar Vellum Lithium is a CAD modeling software from Ashlar, Inc. A security vulnerability exists in Ashlar Vellum Lithium that stems from the presence of an uncontrolled search path element remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an...

8.8CVSS8.1AI score0.00825EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.6 views

Vulnerability of Cobalt, Graphite, Xenon, Argon, Lithium Ashlar-Vellum software for parametric automated design and 3D modeling: This vulnerability arises from reading beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Cobalt, Graphite, Xenon, Argon, and Lithium Ashlar-Vellum software for parametric automated design and 3D modeling involves reading data beyond the buffer limit in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by introducing specially...

7.8CVSS7.9AI score0.0026EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.7 views

The vulnerability of the software for parametric automated design and 3D modeling of Lithium Ashlar-Vellum lies in its uncontrolled element during the search process, allowing a perpetrator to execute arbitrary code.

The vulnerability of the software for parametric automated design and 3D modeling of Lithium Ashlar-Vellum is related to an uncontrollable element in the search process. Exploiting this vulnerability could allow a attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00825EPSS
Exploits0References4Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/11/14 12:0 a.m.21 views

Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

7.8CVSS7.2AI score0.00825EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.5 views

PT-2023-7087 · Ashlar Vellum · Ashlar-Vellum Lithium

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Lithium affected versions not specified Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this...

8.8CVSS7.8AI score0.00825EPSS
Exploits0References7
OSV
OSV
added 2023/10/26 8:15 p.m.3 views

CVE-2023-39427

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 SP0 Build 1204.77, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code ...

7.8CVSS6.1AI score0.00202EPSS
Exploits0References1
Rows per page
Query Builder