9564 matches found
CVE-2025-1650
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1649
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1650
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1427
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1427
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1427
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-27107 Integrated Scripting vulnerable to arbitrary code execution via Java reflection
Integrated Scripting is a tool for creating scripts for handling complex operations in Integrated Dynamics. Minecraft users who use Integrated Scripting prior to versions 1.21.1-1.0.17, 1.21.4-1.0.9-254, 1.20.1-1.0.13, and 1.19.2-1.0.10 may be vulnerable to arbitrary code execution. By using Java...
CVE-2025-27107
CVE-2025-27107 affects Integrated Scripting in Integrated Dynamics for Minecraft servers. The vulnerability allows arbitrary code execution by abusing Java reflection on a thrown exception to escape the JavaScript sandbox in IntegratedScripting’s Variable Cards, enabling an attacker with card cre...
CVE-2025-1650 CATPRODUCT File Parsing Uninitialized Variable Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1650
Autodesk AutoCAD is affected by CVE-2025-1650 due to parsing a malicious CATPRODUCT file, which can trigger an Uninitialized Variable condition. The vulnerability allows a local attacker to cause a crash, read sensitive data, or execute arbitrary code in the current process context. Root cause de...
CVE-2025-1650 CATPRODUCT File Parsing Uninitialized Variable Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1649 CATPRODUCT File Parsing Uninitialized Variable Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-1649
CVE-2025-1649 concerns Autodesk AutoCAD and the CATPRODUCT file type. A maliciously crafted CATPRODUCT file may be parsed in AutoCAD to trigger an Uninitialized Variable condition, potentially allowing a crash, data exposure, or arbitrary code execution in the current process. Affected behavior i...
CVE-2025-1649 CATPRODUCT File Parsing Uninitialized Variable Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2024-56181
A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC IPC PX-32A All versions V29.01.07, SIMATIC I...
CVE-2025-1427
Autodesk AutoCAD is affected by CVE-2025-1427 due to an Uninitialized Variable vulnerability when parsing a malicious CATPRODUCT file. Root cause: uninitialized variable in CATPRODUCT parsing. Impact: crash, read sensitive data, or execute arbitrary code in the current process. Exploitation is lo...
CVE-2025-1427 CATPRODUCT File Parsing Uninitialized Variable Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software lies in the use of an uninitialized variable, which allows a hacker to execute arbitrary code.
The vulnerability of Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a attacker to execute arbitrary code within the context of the current process...