Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): MATLAB
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-49656 |
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Published: November 29, 2023; 9:15:07 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-49655 |
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system. Published: November 29, 2023; 9:15:07 AM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-49654 |
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system. Published: November 29, 2023; 9:15:07 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2021-28967 |
The unofficial MATLAB extension before 2.0.1 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings. Published: March 24, 2021; 3:15:12 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-15140 |
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. Published: August 18, 2019; 3:15:09 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-10800 |
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. Published: July 02, 2017; 9:29:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-6809 |
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization. Published: April 06, 2017; 5:59:00 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |