Lucene search
K

16 matches found

CVE
CVE
added 2026/05/11 8:8 p.m.17 views

CVE-2026-43656

Apple fixed an out-of-bounds write issue by improving input validation in parsing a malicious file. Affected are iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5. The vulnerability could cause an unexpected app termination. Re...

7.3CVSS5.8AI score0.00265EPSS
Exploits0References5Affected Software3
Cvelist
Cvelist
added 2025/12/15 11:37 p.m.28 views

CVE-2025-9457 PRT File Parsing Memory Corruption Vulnerability

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS0.00166EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/12/15 11:36 p.m.6 views

CVE-2025-9456

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS7.5AI score0.0025EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems from the fact...

5.5CVSS6.2AI score0.0776EPSS
Exploits0References6
NVD
NVD
added 2024/03/18 12:15 a.m.23 views

CVE-2024-23138

A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7AI score0.0047EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/22 2:25 a.m.29 views

CVE-2024-23126 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7.2AI score0.00418EPSS
Exploits0References2
Prion
Prion
added 2024/02/22 2:15 a.m.23 views

Design/Logic Flaw

A maliciously crafted 3DM file in opennurbs.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...

7.4AI score0.00652EPSS
Exploits0References2
NVD
NVD
added 2023/11/23 4:15 a.m.33 views

CVE-2023-41140

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS0.00252EPSS
Exploits0References1
NVD
NVD
added 2023/11/23 3:15 a.m.17 views

CVE-2023-29073

A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

9.8CVSS0.01EPSS
Exploits0References1
OSV
OSV
added 2023/10/13 2:15 a.m.2 views

UBUNTU-CVE-2023-5557

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

7.7CVSS7.1AI score0.1657EPSS
Exploits2References6
Cvelist
Cvelist
added 2022/10/21 12:0 a.m.22 views

CVE-2022-42934

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

8.2AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/21 12:0 a.m.24 views

CVE-2022-41310

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

8.2AI score0.00365EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/15 12:0 a.m.5 views

Bentley Systems MicroStation和Bentley View 缓冲区错误漏洞

Bentley Systems MicroStation and Bentley View are both products of Bentley Systems, Inc. of the U.S.A. MicroStation is a Cad software platform for 2D and 3D design and drafting.Bentley View is a freeware viewer. A security vulnerability exists in Bentley Systems MicroStation version 10.16. and...

3.3CVSS5AI score0.00198EPSS
Exploits0References2
Veracode
Veracode
added 2021/12/13 4:3 a.m.13 views

Privilege Escalation

github.com/ether/etherpad-lite is vulnerable to Privilege Escalation. The library does not properly validate the .etherpad import files, allowing an attacker to gain admin privileges and execute arbitrary code using malicious crafted import file...

9.9CVSS5.7AI score0.01995EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2019/12/18 6:15 p.m.24 views

Memory corruption

A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution...

6.8CVSS7.6AI score0.0098EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2015/12/03 12:0 a.m.24 views

Gnome Nautilus 3.16 - Denial of Service

Exploit Title: Gnome Nautilus Denial of Service Discovery Date: 2015/10/27 Public Disclosure Date: 2015/12/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: https://www.gnome.org/ Software Link: https://wiki.gnome.org/Apps/Nautilus Version: 3.16 Tested...

7.4AI score
Exploits0
Rows per page
Query Builder