Lucene search
K
AshlarGraphite

15 matches found

CVE
CVE
added 2024/12/30 8:16 p.m.64 views

CVE-2024-13050

CVE-2024-13050 affects Ashlar-Vellum Graphite. The root cause is a failure to validate the length of user-supplied data while parsing VC6 files, causing a heap-based buffer overflow that can lead to remote code execution. The vulnerability requires user interaction (the target must open a malicio...

7.8CVSS8.1AI score0.00294EPSS
CVE
CVE
added 2024/12/30 8:16 p.m.58 views

CVE-2024-13051

Ashlar-Vellum Graphite is affected by a VC6 file parsing heap-based buffer overflow that can enable remote code execution. The flaw arises from insufficient validation of user-supplied data length before copying to a heap buffer, allowing an attacker to run code in the target process. Exploitatio...

7.8CVSS8.1AI score0.00294EPSS
CVE
CVE
added 2024/05/03 1:57 a.m.51 views

CVE-2023-34308

Ashlar-Vellum Graphite is affected by CVE-2023-34308 due to an out-of-bounds write in VC6 file parsing. The flaw arises from insufficient validation of user-supplied data, which can cause a write past the end of an allocated buffer and permit remote code execution in the context of the current pr...

8.8CVSS8AI score0.00916EPSS
CVE
CVE
added 2024/05/03 1:57 a.m.50 views

CVE-2023-34307

CVE-2023-34307 affects Ashlar-Vellum Graphite, specifically the VC6 file parser. The issue is an out-of-bounds write caused by insufficient validation of VC6 file data, leading to remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file)...

8.8CVSS8AI score0.00889EPSS
CVE
CVE
added 2023/10/26 7:29 p.m.43 views

CVE-2023-39427

CVE-2023-39427 affects Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 SP0 Build (1204.77). The root cause is insufficient validation of user-supplied XE file data, causing an out-of-bounds write that could enable arbitrary code execution in the current process. Related sources ...

7.8CVSS7.8AI score0.00202EPSS
CVE
CVE
added 2024/05/03 1:57 a.m.40 views

CVE-2023-34306

Ashlar-Vellum Graphite VC6 file parsing vulnerability enables stack-based buffer overflow leading to remote code execution. Root cause: improper validation of the length of user-supplied data prior to copying it to a stack-based buffer while parsing VC6 files. Attack requires user interaction (ta...

8.8CVSS8AI score0.00897EPSS
CVE
CVE
added 2023/10/26 7:24 p.m.39 views

CVE-2023-39936

In Graphite v13.0.48, Ashlar-Vellum Graphite parsing VC6 files is vulnerable due to improper validation of user-supplied data, causing an out-of-bounds read that could allow arbitrary code execution in the process. The issue is documented across multiple sources (NVD/ICS-CISA), confirming the aff...

7.8CVSS7.8AI score0.0026EPSS
CVE
CVE
added 2025/09/17 8:51 p.m.27 views

CVE-2025-7981

CVE-2025-7981 is associated with Ashlar-Vellum Graphite VC6 file parsing, where uninitialized memory during VC6 file parsing can enable remote code execution. The vulnerability allows code execution in the attacker’s context and requires user interaction (target must visit a crafted page or open ...

7.8CVSS7.2AI score0.00215EPSS
CVE
CVE
added 2025/09/17 8:52 p.m.24 views

CVE-2025-7986

CVE-2025-7986 affects Ashlar-Vellum Graphite VC6. The issue is in VC6 file parsing where lack of validation causes an out-of-bounds write, enabling remote code execution. Exploitation requires user interaction (target must open a malicious page/file). ZDI- CAN-25755 is associated with the disclos...

7.8CVSS7.2AI score0.00189EPSS
CVE
CVE
added 2025/09/17 8:51 p.m.22 views

CVE-2025-7978

Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution (CVE-2025-7978) is caused by uninitialized memory during VC6 file parsing, allowing code execution in the current process. Exploitation requires user interaction (visiting a malicious page or opening a malicious ...

7.8CVSS7.2AI score0.00215EPSS
CVE
CVE
added 2025/09/17 8:52 p.m.22 views

CVE-2025-7987

CVE-2025-7987 concerns Ashlar-Vellum Graphite VC6, where the VC6 file parsing path allows an out-of-bounds write, enabling remote code execution. The flaw stems from insufficient validation of user-supplied data during VC6 file parsing, which can cause a write past the end of an allocated buffer....

7.8CVSS7.2AI score0.00193EPSS
CVE
CVE
added 2025/09/17 8:51 p.m.19 views

CVE-2025-7980

CVE-2025-7980 affects Ashlar-Vellum Graphite VC6. The vulnerability is in the parsing of VC6 files, caused by insufficient validation of user-supplied data, leading to an out-of-bounds write and remote code execution. Impact is high and requires user interaction (target must open a malicious page...

7.8CVSS7.2AI score0.00203EPSS
CVE
CVE
added 2025/09/17 8:52 p.m.19 views

CVE-2025-7988

CVE-2025-7988 affects Ashlar-Vellum Graphite, specifically the VC6 file parser. The vulnerability is a parsing error causing a buffer overrun (out-of-bounds write) in VC6 file processing, leading to remote code execution . Exploitation requires user interaction (visiting a malicious page or openi...

7.8CVSS7.2AI score0.00193EPSS
CVE
CVE
added 2025/09/17 8:51 p.m.18 views

CVE-2025-7983

CVE-2025-7983 affects Ashlar-Vellum Graphite and concerns a VC6 file parsing heap-based buffer overflow that enables remote code execution. The flaw stems from insufficient validation of the length of user-supplied data prior to copying it into a heap buffer, with exploitation requiring user inte...

7.8CVSS7.2AI score0.00206EPSS
CVE
CVE
added 2025/09/17 8:51 p.m.17 views

CVE-2025-7979

CVE-2025-7979 affects Ashlar-Vellum Graphite VC6. The vulnerability is a stack-based buffer overflow in the VC6 file parsing component caused by insufficient validation of user-supplied data length prior to copying to a stack buffer. This enables remote code execution in the current process conte...

7.8CVSS7.2AI score0.00206EPSS