Lucene search
K

5360 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/14 5:5 p.m.2 views

CVE-2026-34629

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00178EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 3:30 p.m.2 views

EUVD-2026-22280

Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...

5.7CVSS5.8AI score0.00586EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32903

Bridge | Heap-based Buffer Overflow CWE-122 CVE: CVE-2026-27310 PT ID: PT-2026-32903 Vendor: Adobe Product: Bridge CVSS: 7.8 Credits: n/a Description: Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code executio...

7.8CVSS6.3AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/11 3:30 a.m.7 views

EUVD-2026-21668

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS7.6AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/11 3:30 a.m.3 views

EUVD-2026-21666

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS7.6AI score0.00265EPSS
Exploits0References2
OSV
OSV
added 2026/04/11 1:16 a.m.1 views

DEBIAN-CVE-2026-4153

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.8AI score0.00651EPSS
Exploits0References1
OSV
OSV
added 2026/04/11 1:16 a.m.5 views

UBUNTU-CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS6.2AI score0.00596EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/11 12:13 a.m.1 views

CVE-2026-5493 Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS6.2AI score0.00265EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.33 views

Adobe Reader < 26.001.21411 Vulnerability (APSB26-43)

The version of Adobe Reader installed on the remote Windows host is a version prior to 26.001.21411. It is, therefore, affected by a vulnerability. - Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes...

8.6CVSS7.9AI score0.07086EPSS
Exploits4References2
NVD
NVD
added 2026/04/07 4:17 a.m.3 views

CVE-2026-20433

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation...

8.8CVSS0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30998

Name of the Vulnerable Software and Affected Versions NI LabVIEW versions 2026 Q1 26.1.0 and prior Description A memory corruption issue exists due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This can lead to information disclosure or arbitrary code execution. An...

8.5CVSS6AI score0.0022EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.3 views

CVE-2026-27268

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a vict...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.4 views

CVE-2026-27281

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS5.8AI score0.00179EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.3 views

CVE-2026-21311

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8CVSS5.7AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.4 views

CVE-2026-27273

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.4AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 4:31 a.m.3 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25593

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
NCSC
NCSC
added 2026/03/12 7:3 a.m.16 views

Vulnerabilities fixed in Adobe Acrobat Reader

Adobe has fixed vulnerabilities in Adobe Acrobat Reader versions up to 25.001.21265. The vulnerabilities include a Use After Free vulnerability that can be exploited to achieve arbitrary code execution. This vulnerability is triggered when a user opens a maliciously crafted file. In addition, the...

7.8CVSS5.9AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.4 views

CVE-2026-26982

Ghostty is a cross-platform terminal emulator. Ghostty allows control characters such as 0x03 Ctrl+C in pasted and dropped text. These can be used to execute arbitrary commands in some shell environments. This attack requires an attacker to convince the user to copy and paste or drag and drop...

8.8CVSS6AI score0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 2:19 a.m.3 views

CVE-2026-21284 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8.1CVSS5.7AI score0.00382EPSS
Exploits0References1
Rows per page
Query Builder