CVE-2025-41392 | Ashlar-Vellum Cobalt/Xenon/Argon/Lithium/Cobalt Share prior 12.6.1204.204 AR File Parser out-of-bounds (icsa-25-224-01)

Inserito da Angelo Barbosa | Ago 12, 2025 | CVE

A vulnerability classified as critical has been found in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium and Cobalt Share. Affected is an unknown function of the component AR File Parser. The manipulation leads to out-of-bounds read.

This vulnerability is traded as CVE-2025-41392. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-41392 | Ashlar-Vellum Cobalt/Xenon/Argon/Lithium/Cobalt Share prior 12.6.1204.204 AR File Parser out-of-bounds (icsa-25-224-01)

Post correlati

CVE-2024-50211 | Linux Kernel up to 6.6.58/6.11.5 udf inode_bmap Privilege Escalation (493447dd8336/b22d9a5698ab/c226964ec786)

CVE-2024-28960 | mbed TLS up to 2.28.7/3.5.x PSA Crypto API Privilege Escalation

CVE-2024-10172 | voidcoders WPBakery Visual Composer WHMCS Elements Plugin up to 1.0.4 on WordPress Shortcode void_wbwhmcse_laouts_search cross site scripting

CVE-2022-38947 | Flipkart-Clone-PHP 1.0 entry.php product_title sql injection