Lucene search
+L

768 matches found

zdi
zdi
added 2022/11/03 12:0 a.m.25 views

SAP 3D Visual Enterprise Author SAT File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.9AI score0.0051EPSS
Exploits0References1
zdi
zdi
added 2022/11/03 12:0 a.m.29 views

SAP 3D Visual Enterprise Author SAT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.4AI score0.0051EPSS
Exploits0References1
zdi
zdi
added 2022/11/03 12:0 a.m.25 views

SAP 3D Visual Enterprise Author SAT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.4AI score0.0051EPSS
Exploits0References1
openbugbounty
openbugbounty
added 2022/10/22 9:4 p.m.13 views

sat.qc.ca Cross Site Scripting vulnerability OBB-3012545

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
osv
osv
added 2022/10/11 9:15 p.m.15 views

CVE-2022-39803

Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly .sat, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

7.8CVSS5.9AI score0.0051EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/10/11 9:15 p.m.3 views

CVE-2022-39803

Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly .sat, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

7.8CVSS6AI score0.0051EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2022/10/11 12:0 a.m.46 views

SAP 3D Visual Enterprise Author 缓冲区错误漏洞

SAP 3D Visual Enterprise Author is a desktop application for managing 2D, 3D, animation, video and audio assets from SAP. A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Author version 9, which stems from a lack of proper memory management and can be exploited by an attacker to...

7.8CVSS8.4AI score0.0051EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2022/10/11 12:0 a.m.7 views

PT-2022-25000 · Sap · Sap 3D Visual Enterprise Author

Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Author version 9 Description: The issue is caused by a lack of proper memory management. When a victim opens a manipulated ACIS Part and Assembly .sat file received from untrusted sources, it is possible that a Remote...

7.8CVSS7.7AI score0.0051EPSS
Exploits0References12
cve
cve
added 2022/10/11 12:0 a.m.55 views

CVE-2022-39803

CVE-2022-39803 concerns SAP 3D Visual Enterprise Author. The issue is in the parsing of SAT files (e.g., CoreCadTranslator.exe) and is tied to improper validation leading to memory corruption, including stack-based/heap-based write conditions. Descriptions from ZDI advisories indicate that crafte...

7.8CVSS7.8AI score0.0051EPSS
Exploits0References2Affected Software1
vulnersosv
vulnersosv
added 2022/05/13 1:26 a.m.5 views

at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +2755 more potentially affected by CVE-2013-4330 via org.apache.camel:camel-core (>=1.0.0 <=2.9.6)

org.apache.camel:camel-core MAVEN version =1.0.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2013-4330 Source advisory: OSV:GHSA-X9FV-C87W-55WC...

6.8CVSS7.2AI score0.08523EPSS
Exploits0
openbugbounty
openbugbounty
added 2022/05/11 2:59 p.m.8 views

sat-ag.com Cross Site Scripting vulnerability OBB-2615297

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
thn
thn
added 2022/04/01 1:29 p.m.39 views

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems

The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne. The findings come a day after th...

0.5AI score
Exploits0
thn
thn
added 2022/03/31 1:2 p.m.148 views

Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks

A Belarusian threat actor known as Ghostwriter aka UNC1151 has been spotted leveraging the recently disclosed browser-in-the-browser BitB technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which masquerades as a legitimate domain ...

8.8CVSS0.5AI score0.96843EPSS
Exploits38
osv
osv
added 2021/06/02 4:15 p.m.4 views

DEBIAN-CVE-2009-0947

Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...

9.8CVSS8.6AI score0.0114EPSS
Exploits0References1
cnnvd
cnnvd
added 2021/06/02 12:0 a.m.6 views

Mobile Viewpoint Wireless Multiplex Terminal 输入验证错误漏洞

The Mobile Viewpoint Wireless Multiplex Terminal is a wireless multiplexing technology based device from Mobile Viewpoint in the Netherlands that increases bandwidth. The device can bundle multiple wireless networks to increase bandwidth and provide users with high quality video. An input...

9.8CVSS8.5AI score0.0114EPSS
Exploits0References1
threatpost
threatpost
added 2020/09/30 9:29 p.m.68 views

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks

An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services without entering a...

7.1AI score
Exploits0References8
thn
thn
added 2019/09/12 11:56 a.m.1 views

New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS

Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. Dubbed "SimJacker ," the vulnerability resides in a...

6.6AI score
Exploits0
vulnersosv
vulnersosv
added 2018/10/16 11:13 p.m.10 views

at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +269 more potentially affected by CVE-2014-0002 via org.apache.camel:camel-core (>=2.12.0 <=2.12.2)

org.apache.camel:camel-core MAVEN version =2.12.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2014-0002 Source advisory: OSV:GHSA-2FW5-RVF2-JQ56...

7.5CVSS7.2AI score0.32541EPSS
Exploits2
vulnersosv
vulnersosv
added 2018/10/16 11:13 p.m.5 views

at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +1432 more potentially affected by CVE-2017-5643 via org.apache.camel:camel-core (>=1.0.0 <=2.17.5)

org.apache.camel:camel-core MAVEN version =1.0.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2017-5643 Source advisory: OSV:GHSA-VQ9J-JH62-5HMP...

7.4CVSS7.1AI score0.0489EPSS
Exploits0
packetstorm
packetstorm
added 2018/05/24 12:0 a.m.26 views

SAT CFDI 3.3 SQL Injection

Exploit Title: SAT CFDI 3.3 - SQL Injection Dork: N/A Date: 2018-05-23 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage: https://www.wecodex.com/item/view/verification-and-validation-system-sat-cfdi-33/8 Version: 3.3 Category: Webapps Tested on: Kali linux Description : PHP Dashboards is...

7.4AI score
Exploits0
Rows per page
Query Builder