768 matches found
SAP 3D Visual Enterprise Author SAT File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Author SAT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Author SAT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
sat.qc.ca Cross Site Scripting vulnerability OBB-3012545
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-39803
Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly .sat, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...
CVE-2022-39803
Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly .sat, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...
SAP 3D Visual Enterprise Author 缓冲区错误漏洞
SAP 3D Visual Enterprise Author is a desktop application for managing 2D, 3D, animation, video and audio assets from SAP. A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Author version 9, which stems from a lack of proper memory management and can be exploited by an attacker to...
PT-2022-25000 · Sap · Sap 3D Visual Enterprise Author
Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Author version 9 Description: The issue is caused by a lack of proper memory management. When a victim opens a manipulated ACIS Part and Assembly .sat file received from untrusted sources, it is possible that a Remote...
CVE-2022-39803
CVE-2022-39803 concerns SAP 3D Visual Enterprise Author. The issue is in the parsing of SAT files (e.g., CoreCadTranslator.exe) and is tied to improper validation leading to memory corruption, including stack-based/heap-based write conditions. Descriptions from ZDI advisories indicate that crafte...
at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +2755 more potentially affected by CVE-2013-4330 via org.apache.camel:camel-core (>=1.0.0 <=2.9.6)
org.apache.camel:camel-core MAVEN version =1.0.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2013-4330 Source advisory: OSV:GHSA-X9FV-C87W-55WC...
sat-ag.com Cross Site Scripting vulnerability OBB-2615297
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems
The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne. The findings come a day after th...
Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks
A Belarusian threat actor known as Ghostwriter aka UNC1151 has been spotted leveraging the recently disclosed browser-in-the-browser BitB technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which masquerades as a legitimate domain ...
DEBIAN-CVE-2009-0947
Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...
Mobile Viewpoint Wireless Multiplex Terminal 输入验证错误漏洞
The Mobile Viewpoint Wireless Multiplex Terminal is a wireless multiplexing technology based device from Mobile Viewpoint in the Netherlands that increases bandwidth. The device can bundle multiple wireless networks to increase bandwidth and provide users with high quality video. An input...
OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks
An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services without entering a...
New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS
Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. Dubbed "SimJacker ," the vulnerability resides in a...
at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +269 more potentially affected by CVE-2014-0002 via org.apache.camel:camel-core (>=2.12.0 <=2.12.2)
org.apache.camel:camel-core MAVEN version =2.12.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2014-0002 Source advisory: OSV:GHSA-2FW5-RVF2-JQ56...
at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +1432 more potentially affected by CVE-2017-5643 via org.apache.camel:camel-core (>=1.0.0 <=2.17.5)
org.apache.camel:camel-core MAVEN version =1.0.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2017-5643 Source advisory: OSV:GHSA-VQ9J-JH62-5HMP...
SAT CFDI 3.3 SQL Injection
Exploit Title: SAT CFDI 3.3 - SQL Injection Dork: N/A Date: 2018-05-23 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://www.wecodex.com/item/view/verification-and-validation-system-sat-cfdi-33/8 Version: 3.3 Category: Webapps Tested on: Kali linux Description : PHP Dashboards is...