Ashlar-Vellum Argon vulnerabilities
13 known vulnerabilities affecting ashlar-vellum/argon.
Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH11
Vulnerabilities
Page 1 of 1
CVE-2025-65084P2CRITICALCVSS 9.8≤ 12.6.1204.2162025-11-25
CVE-2025-65084 [CRITICAL] CWE-787 CVE-2025-65084: An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code.
nvd
CVE-2025-65085P3CRITICALCVSS 9.8≤ 12.6.1204.2162025-11-25
CVE-2025-65085 [CRITICAL] CWE-122 CVE-2025-65085: A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium
A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code.
nvd
CVE-2023-44438P3HIGHCVSS 8.8vArgon v12 Beta Build 1204.682024-05-03
CVE-2023-44438 [HIGH] CWE-427 CVE-2023-44438: Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulne
Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Argon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2025-65086P3HIGHCVSS 7.8≤ 12.6.1204.2162026-05-12
CVE-2025-65086 [HIGH] CWE-787 CVE-2025-65086: An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.
nvd
CVE-2025-46269P3HIGHCVSS 7.8fixed in 12.6.1204.2042025-08-18
CVE-2025-46269 [HIGH] CWE-122 CVE-2025-46269: In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, th
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2025-52584P3HIGHCVSS 7.8fixed in 12.6.1204.2042025-08-18
CVE-2025-52584 [HIGH] CWE-122 CVE-2025-52584: In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, th
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2025-53705P3HIGHCVSS 7.8fixed in 12.6.1204.2042025-08-18
CVE-2025-53705 [HIGH] CWE-787 CVE-2025-53705: In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, th
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2025-41392P3HIGHCVSS 7.8fixed in 12.6.1204.2042025-08-18
CVE-2025-41392 [HIGH] CWE-125 CVE-2025-41392: In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, th
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2023-39427P3HIGHCVSS 7.8vv12 SP0 Build (1204.77)2023-10-26
CVE-2023-39427 [HIGH] CWE-787 CVE-2023-39427: In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 SP0 Build (1204.77), the affec
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 SP0 Build (1204.77), the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2023-40222P3HIGHCVSS 7.8fixed in v12 SP2 Build (1204.200)2025-02-04
CVE-2023-40222 [HIGH] CWE-122 CVE-2023-40222: In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks p
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2023-39943P3HIGHCVSS 7.8fixed in v12 SP2 Build (1204.200)2025-02-04
CVE-2023-39943 [HIGH] CWE-787 CVE-2023-39943: In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks p
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
nvd
CVE-2025-65088P3HIGHCVSS 7.8≤ 12.6.1204.2162026-05-12
CVE-2025-65088 [HIGH] CWE-125 CVE-2025-65088: An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and C
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.
nvd
CVE-2025-65087P3HIGHCVSS 7.8≤ 12.6.1204.2162026-05-12
CVE-2025-65087 [HIGH] CWE-125 CVE-2025-65087: An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and C
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.
nvd