Microsoft Office Visio DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Substance 3D Painter USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Adobe Substance 3D Painter USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Substance 3D Painter PLY File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Adobe Substance 3D Painter USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Siemens Siveillance Video Mobile Server 代码问题漏洞

Siveillance Video formerly known as Siveillance VMS is an IP video management software designed for deployments ranging from small and simple to large and highly secure. A code execution vulnerability exists in Siemens Siveillance Video due to the event server component of the affected applicatio...

PT-2023-12095 · Smu · Smu

Name of the Vulnerable Software and Affected Versions: SMU affected versions not specified Description: The issue is related to insufficient input validation of mailbox data in the SMU, which may allow an attacker to coerce the SMU to corrupt SMRAM. This could potentially lead to a loss of...

Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser from Google, an American company. An input validation error vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from insufficient DevTools data validation. A remote attacker can exploit this vulnerability by sending a malicious HTTP...

Debian: Security Advisory (DSA-2044-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-17379 · Keysight · Keysight N8844A Data Analytics Web Service

Name of the Vulnerable Software and Affected Versions: Keysight N8844A Data Analytics Web Service affected versions not specified Description: The issue concerns the deserialization of untrusted data without sufficient verification, which can lead to remote code execution. This problem arises...

The vulnerability of the Secure Channel component in Windows operating systems, which allows a hacker to cause a service failure

The vulnerability of the Secure Channel component in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability in the implementation of the Secure Socket Tunneling Protocol (SSTP) on Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileStoreConfig app. The issue results from the lack of proper validation of...

The vulnerability of the Network Address Translation (NAT) technology implementation in Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Network Address Translation NAT technology implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using specially created data...

CVE-2023-27353

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of...

Stack overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from the lack of proper...

Lack of zero address check throughout the codebase could lead to unwanted redeployments, address(0) ownership and onTokenTransfer unsuccessful.

Lines of code Vulnerability details Impact User defined address should always have zero address check. This checks SHOULD NOT BE MISSED IN CASE OF A FACTORY CONTRACT. This will lead to redeployments of contract and blockage of certain functionality as described below. It is also worth to note tha...