Lucene search
K

62 matches found

EUVD
EUVD
added 2026/05/05 3:31 a.m.6 views

EUVD-2026-27163

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

7.5CVSS6.4AI score0.0018EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/10 8:16 p.m.5 views

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

5.9CVSS5.9AI score0.00144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.11 views

PT-2026-7448

Name of the Vulnerable Software and Affected Versions AMD Secure Encrypted Virtualization SEV firmware affected versions not specified Description An access control issue in AMD Secure Encrypted Virtualization SEV firmware may allow a malicious hypervisor to circumvent RMP protections. This could...

5.9CVSS5.4AI score0.00144EPSS
Exploits0References3
NVD
NVD
added 2026/01/29 9:16 a.m.7 views

CVE-2026-23568

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked...

8.1CVSS0.00196EPSS
Exploits0References1
OSV
OSV
added 2025/11/18 5:16 p.m.4 views

CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...

7.8CVSS5.9AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/18 5:1 p.m.3 views

EUVD-2025-198021

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would require bypassing t...

7.8CVSS6.4AI score0.00142EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-7129

Malware in sbrugna...

7.5CVSS7.5AI score0.01124EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16779

Malware in sbrugna...

7.5CVSS8.4AI score0.01507EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-7765

Malware in sbrugna...

9.8CVSS8.9AI score0.05184EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.4 views

PT-2025-34105 · Undefined · Undefined

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

8.4CVSS8.2AI score0.00331EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/15 2:36 a.m.7 views

CVE-2025-4277

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

7.5CVSS8.1AI score0.00133EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/01 12:0 a.m.5 views

The vulnerability of Adobe InDesign’s computer font automation tool, related to the use of memory after it is freed, allows attackers to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and gain unauthorized access to protected information...

5.5CVSS5.4AI score0.0025EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/01 12:0 a.m.6 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to circumvent ASLR protection and gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and gain unauthorized access to protected information...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.6 views

PT-2025-6395 · Amd · Sev-Snp

Name of the Vulnerable Software and Affected Versions: SEV-SNP affected versions not specified Description: The issue is related to the improper handling of invalid nested page table entries in the IOMMU, which may allow a privileged attacker to induce page table entry PTE faults. This could...

5.3CVSS6.8AI score0.00168EPSS
Exploits0References7
OSV
OSV
added 2024/12/13 1:18 p.m.4 views

OESA-2024-2550 linux-firmware security update

This package contains firmware images required by some devices. Security Fixes: IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in...

6CVSS6.7AI score0.00199EPSS
Exploits0References3
OSV
OSV
added 2024/12/10 9:15 p.m.4 views

CVE-2024-49548

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

5.5CVSS5.6AI score0.00322EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 7:15 p.m.5 views

CVE-2024-52998

Substance3D - Stager versions 3.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

5.5CVSS5.6AI score0.00267EPSS
Exploits0References1
OSV
OSV
added 2024/08/13 5:15 p.m.3 views

DEBIAN-CVE-2023-20584

IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity...

6CVSS5.5AI score0.00174EPSS
Exploits0References1
NCSC
NCSC
added 2024/05/15 11:18 a.m.8 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention of security measure - Remote code execution User rights - Remote cod...

9.8CVSS7AI score0.01411EPSS
Exploits3References3
OSV
OSV
added 2024/02/15 11:15 a.m.3 views

CVE-2024-20725

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

5.5CVSS5.8AI score0.00245EPSS
Exploits0References1
Rows per page
Query Builder