36 matches found
EUVD-2023-43151
Malicious code in bioql PyPI...
CVE-2025-8006
CVE-2025-8006 affects Ashlar-Vellum Cobalt XE. The vulnerability is a parsing-time OOB read in XE file processing that allows remote code execution. Exploitation requires user interaction (target must visit a malicious page or open a malicious file). The issue stems from insufficient validation o...
(0Day) Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
Ashlar-Vellum Cobalt 输入验证错误漏洞
Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. An input validation error vulnerability exists in Ashlar-Vellum Cobalt that stems from an integer overflow when parsing an XE file, which could lead to remote code execution...
CVE-2023-39943
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200, the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the...
PT-2024-17906 · Ashlar Vellum · Ashlar-Vellum Cobalt
Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: The issue is a type confusion vulnerability in the parsing of XE files, which can be exploited by remote attackers to execute arbitrary code on affected installations of...
CVE-2023-35713
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-35711
Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...
CVE-2023-35712
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-34300
Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...
CVE-2023-34288
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target mus...
CVE-2023-35713 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-35713
Ashlar-Vellum Cobalt XE is affected by a vulnerability in the XE file parsing path due to uninitialized memory access, enabling arbitrary code execution in the context of the current process when a user opens a malicious XE file or visits a malicious page. The issue is triggered during parsing of...
CVE-2023-35711
CVE-2023-35711 concerns Ashlar-Vellum Cobalt XE. The vulnerability is in the XE file parser where an unvalidated user-supplied value can be dereferenced as a pointer, enabling arbitrary code execution. Multiple sources (NVD, CVE records, ZDI advisory) describe it as a remote code execution vulner...
CVE-2023-35712 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-35711 Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...
CVE-2023-35712
Ashlar-Vellum Cobalt XE is affected by a remote code execution vulnerability in the XE file parser caused by uninitialized memory access. The issue allows an attacker, with user interaction (visiting a malicious page or opening a malicious XE file), to execute code in the context of the victim pr...
CVE-2023-35711 Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...
CVE-2023-35712 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-34300 Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...