Lucene search
K

9 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/10/06 12:0 a.m.5 views

(Pwn2Own) Redis Lua Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Redis. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certain string values by the embedded Lua interpreter. The issue results from the...

9.8CVSS7.6AI score0.86767EPSS
Exploits14References1
NVD
NVD
added 2025/04/21 1:15 p.m.15 views

CVE-2025-32408

In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled...

2.5CVSS0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.6 views

PT-2024-39786 · Trimble · Trimble Sketchup Viewer

Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this, where the...

7.8CVSS7.2AI score0.00374EPSS
Exploits0References5
Veracode
Veracode
added 2024/04/29 5:11 a.m.25 views

Prototype Pollution

ejs is vulnerable to Prototype Pollution. The vulnerability is due to inadequate object checks which lack prototype protection measures, which allows an attackers to overwrite certain object prototypes...

4CVSS6.8AI score0.00614EPSS
Exploits1References4Affected Software2
Veracode
Veracode
added 2023/05/16 6:38 a.m.19 views

Privilege Escalation

n8n is vulnerable to Privilege Escalation. The vulnerability is due to a lack of object checks when merging the user supplied fields with the server object. The privilege escalation vulnerability occurs whenever the updateCurrentUser method of the MeController class merges a user object with an...

8.8CVSS7.1AI score0.01222EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.7 views

CVE-2022-24357

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS7.5AI score0.02382EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.5 views

CVE-2021-46601

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS7.6AI score0.01911EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/01/13 10:15 p.m.4 views

CVE-2021-34922

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.5AI score0.01937EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.4 views

Bentley Systems Bentley View 资源管理错误漏洞

Bentley View, a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View 3DS file parsing, which is caused by not verifying the existence of an object before performing an operation on it. An attacker could exploit this vulnerability to execute code in the context of...

7.8CVSS5.9AI score0.02103EPSS
Exploits0References4
Rows per page
Query Builder