16 matches found
CVE-2026-43656
Apple fixed an out-of-bounds write issue by improving input validation in parsing a malicious file. Affected are iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5. The vulnerability could cause an unexpected app termination. Re...
CVE-2025-9457 PRT File Parsing Memory Corruption Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2025-9456
A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems from the fact...
CVE-2024-23138
A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2024-23126 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
Design/Logic Flaw
A maliciously crafted 3DM file in opennurbs.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...
CVE-2023-41140
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2023-29073
A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
UBUNTU-CVE-2023-5557
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
CVE-2022-42934
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...
CVE-2022-41310
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...
Bentley Systems MicroStation和Bentley View 缓冲区错误漏洞
Bentley Systems MicroStation and Bentley View are both products of Bentley Systems, Inc. of the U.S.A. MicroStation is a Cad software platform for 2D and 3D design and drafting.Bentley View is a freeware viewer. A security vulnerability exists in Bentley Systems MicroStation version 10.16. and...
Privilege Escalation
github.com/ether/etherpad-lite is vulnerable to Privilege Escalation. The library does not properly validate the .etherpad import files, allowing an attacker to gain admin privileges and execute arbitrary code using malicious crafted import file...
Memory corruption
A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution...
Gnome Nautilus 3.16 - Denial of Service
Exploit Title: Gnome Nautilus Denial of Service Discovery Date: 2015/10/27 Public Disclosure Date: 2015/12/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: https://www.gnome.org/ Software Link: https://wiki.gnome.org/Apps/Nautilus Version: 3.16 Tested...