9564 matches found
Autodesk AutoCAD Security Vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. A security vulnerability exists in Autodesk AutoCAD that originates from an uninitialized variable vulnerability when parsing a specially crafted CATPRODUCT file, which could lead to a crash, read sensitive data, ...
Adobe Acrobat Reader DC AcroForm Use of Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80" will incorrectly match and not be proxied...
CVE-2025-22870
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80" will incorrectly match and not be proxied...
AZL-58469 CVE-2025-22870 affecting package packer for versions less than 1.9.5-9
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80" will incorrectly match and not be proxied...
CVE-2025-22870 HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80" will incorrectly match and not be proxied...
Arbitrary Command Injection
Overview: basicsr is an open source image and video super-resolution toolbox. Affected versions of this package are vulnerable to Arbitrary Command Injection through the execution of scontrol show hostname in an environment where the SLURM_NODELIST variable is manipulated. Remediation: There is no...
SUSE CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...
CVE-2025-27363
A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user-controlled environment variable into an internal buffer using the grub_strcpy function. During this step, it fails to consider the environment variable length...
CVE-2024-27763
XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURM_NODELIST environment variable...
CVE-2024-27763
CVE-2024-27763 affects XPixelGroup BasicSR up to version 1.4.2. The issue arises from how a crafted SLURM_NODELIST input is handled when running scontrol show hostname, which can locally allow code execution. The CVSS vector indicates a Local attack with Low privileges required and no user intera...
CVE-2025-2014
Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...
CVE-2025-2014 Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...
CVE-2025-2014
Ashlar-Vellum Cobalt is affected by CVE-2025-2014, a vulnerability in the parsing of VS files due to an uninitialized memory access. The flaw can enable arbitrary code execution in the context of the current process when a user visits a malicious page or opens a malicious file, requiring user int...
CVE-2025-27363
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...