Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

TotoLink A3002RU 跨站脚本漏洞

Totolink TOTOLINK A3002RU is a wireless router product from Gion Electronics Totolink, Taiwan, China.A cross-site scripting vulnerability exists in TOTOLINK A3002R V1.1.1-B20200824, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could use th...

The vulnerability of the Thunderbird email client, which exists due to insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of the Thunderbird email client exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures due to corrupted headers...

Phpgurukul Vehicle Parking Management System 跨站脚本漏洞

Phpgurukul Vehicle Parking Management System is a parking management system by the PHPGurukul Phpgurukul team. Phpgurukul Vehicle Parking Management System 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the web application...

Siemens JT2Go DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

Siemens JT2Go DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

Siemens JT2Go DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF...

Adobe Bridge PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Pixelimity 跨站脚本漏洞

Pixelimity is a PHP-based open source CMS Content Management System. Pixelimity 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to execute client-side code...

xArrow SCADA 跨站脚本漏洞

xArrow SCADA is an installer for industrial control products from xArrow in China. A cross-site scripting vulnerability exists in xArrow SCADA. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execut...

EDX Open edX 跨站脚本漏洞

EDX Open edX is an online learning management system from the U.S.-based edX EDX. Open edX suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side co...

BlackBerry QNX Software Development Platform 输入验证错误漏洞

Blackberry QNX Software Development Platform is a QNX software development platform from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. An input validation error vulnerability exists in the BlackBerry QNX Software Development Platform. The...

WordPress 插件跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin Skaut bazar. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to...

Domainmod Cross-Site Scripting Vulnerability (CNVD-2021-70164)

A cross-site scripting vulnerability exists in Domainmod, a PHP and MySQL-based open source application for managing domain names and other Internet assets in a central location from the Domainmod community, which stems from the lack of proper validation of client-side data by the web application...

CVE-2021-37664

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to BoostedTreesSparseCalculateBestFeatureSplit. The implementation needs to validate that...

Domainmod 跨站脚本漏洞

A cross-site scripting vulnerability exists in Domainmod, a PHP and MySQL-based open source application for managing domain names and other Internet assets in a central location from the Domainmod community, which stems from the lack of proper validation of client-side data by the web application...

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape due to a lack of effective data validation when parsing project files, which could lead to an out-of-bounds...

GetSimple CMS 跨站请求伪造漏洞

GetSimple CMS is a content management system CMS written in PHP. A security vulnerability exists in the My SMTP Contact v1.1.1 plugin for GetSimple CMS, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit the vulnerability to execute...

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...