Page 27 of 35321 results (0.069 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. ... (ZDI-CAN-24244) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-824503.html • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. ... (ZDI-CAN-24237) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-824503.html • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. ... (ZDI-CAN-24233) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-824503.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. ... (ZDI-CAN-24231) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-824503.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Deserialization of Untrusted Data vulnerability in Apache HertzBeat. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue. • https://lists.apache.org/thread/oor9nw6nh2ojnfw8d8oxrv40cbtk5mwj https://lists.apache.org/thread/p33tg0vo5nh6kscth4262ktsqo3h5lqo • CWE-502: Deserialization of Untrusted Data •