Skip to main content

Davinci Resolve

2 CVEs product

Monthly

CVE-2021-40418 CRITICAL POC THREAT Act Now

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Davinci Resolve
NVD
CVSS 3.1
9.8
EPSS
17.9%
CVE-2021-40417 CRITICAL POC THREAT Act Now

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Davinci Resolve
NVD
CVSS 3.1
9.8
EPSS
15.7%
EPSS 18% CVSS 9.8
CRITICAL POC THREAT Act Now

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Davinci Resolve
NVD
EPSS 16% CVSS 9.8
CRITICAL POC THREAT Act Now

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Davinci Resolve
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy