10 matches found
EUVD-2022-44425
Malicious code in bioql PyPI...
CVE-2022-41183
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart...
CVE-2022-41184
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when a payload forces a stack-based overflow...
CVE-2022-41183
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart...
CVE-2022-41184
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when a payload forces a stack-based overflow...
Code injection
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart...
Stack overflow
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when a payload forces a stack-based overflow...
CVE-2022-41183
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and become temporarily unavailable to the user until restart...
CVE-2022-41183
SAP 3D Visual Enterprise Author (v9) contains a vulnerability in the CUR file parsing code leading to memory corruption. The ZDI advisory describes an out-of-bounds read in CUR parsing that can be triggered by opening a malicious CUR file, enabling remote code execution in the context of the affe...
CVE-2022-41184
CVE-2022-41184 affects SAP 3D Visual Enterprise Author v9, where parsing manipulated Windows Cursor Files (.cur, ico.x3d) can trigger a stack-based overflow or use-after-free of a dangling pointer, enabling Remote Code Execution after the user opens the crafted file. Exploitation requires user intera...