Lucene search
K

5362 matches found

Zero Day Initiative
Zero Day Initiative
added 2026/03/06 12:0 a.m.6 views

(Pwn2Own) Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to exploit this vulnerability in that the user must initiate the device pairing process. The specific flaw exists within the handling of...

8CVSS6.2AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/02 6:42 p.m.28 views

CVE-2025-48578

In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.3 views

PT-2026-22674

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

6.1AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 2026/02/26 10:29 p.m.8 views

CVE-2026-28211 Arbitrary code execution in log reader via untrusted log file

The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...

7.8CVSS6.5AI score0.002EPSS
Exploits0References5
NVD
NVD
added 2026/02/20 11:16 p.m.7 views

CVE-2026-2045

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...

7.8CVSS0.00566EPSS
Exploits0References15
NVD
NVD
added 2026/02/20 11:16 p.m.15 views

CVE-2026-2034

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS0.00319EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 11:16 p.m.9 views

UBUNTU-CVE-2026-2045

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...

7.8CVSS6.2AI score0.00566EPSS
Exploits0References6
CVE
CVE
added 2026/02/20 10:23 p.m.28 views

CVE-2026-2047

The CVE-2026-2047 issue is a heap-based buffer overflow in GIMP’s ICNS file parsing that allows remote code execution. It stems from insufficient validation of the length of user-supplied data before copying to a heap buffer. Exploitation requires user interaction (target visits a malicious page ...

7.8CVSS7.8AI score0.0062EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/02/20 10:10 p.m.28 views

CVE-2026-0797 GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.01157EPSS
Exploits0References2
NVD
NVD
added 2026/02/18 2:16 p.m.8 views

CVE-2025-60038

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which...

8.8CVSS0.00287EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/02/18 12:0 a.m.7 views

Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.2AI score0.00215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/02/18 12:0 a.m.8 views

Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.2AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.10 views

PT-2026-20414

A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which...

7.8CVSS6.3AI score0.00287EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.4 views

CVE-2026-21358

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue...

5.5CVSS5.6AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.8 views

CVE-2026-21318

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 6:32 p.m.29 views

CVE-2026-21353 DNG SDK | Integer Overflow or Wraparound (CWE-190)

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00184EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:16 p.m.7 views

CVE-2026-21318

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00184EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:16 p.m.7 views

CVE-2026-21315

Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must ope...

5.5CVSS0.00153EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 6:16 p.m.13 views

CVE-2026-21342

Adobe Substance3D Stager

7.8CVSS6.3AI score0.00176EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/10 6:8 p.m.27 views

CVE-2026-21334 Substance3D - Designer | Out-of-bounds Write (CWE-787)

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00184EPSS
Exploits0References1
Rows per page
Query Builder