5838 matches found
(0Day) GoPro Player MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...
PbootCMS Remote Code Execution Vulnerability
PbootCMS is an open source content management system (CMS) for building enterprise websites, developed in PHP. PbootCMS has a security vulnerability that stems from the platform's message board function not validating data; an attacker can exploit the vulnerability to execute...
PbootCMS Security Vulnerability
PbootCMS is an open source content management system (CMS) for building enterprise websites, developed in PHP. PbootCMS has a security vulnerability that stems from the platform's message board function not validating data; an attacker can exploit the vulnerability to execute...
PbootCMS Cross-Site Scripting Vulnerability
PbootCMS is an open source content management system (CMS) for building enterprise websites, written in PHP by individual PbootCMS developers. PbootCMS suffers from a cross-site scripting vulnerability that stems from the product's admin.php page not properly validating client-side data. An attacke...
Siemens Simcenter Femap modfem File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
Django SQL Injection Vulnerability (CNVD-2021-49046)
Django is an open source web application framework, written in Python. A SQL injection vulnerability exists in Django versions 3.2.x prior to 3.2.5 and 3.1.x prior to 3.1.13. The vulnerability is related to a code flaw. querySet.orderby does not perform strict validation of data when processing...
Vulnerabilities in the functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage of the ImageMagick console image editor, related to a lack of data validation, allow attackers to trigger service interruptions.
The vulnerability in the functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage in the ImageMagick console graphic editor's code components coders/dcm.c, coders/pwp.c, coders/cals.c, and coders/pict.c is related to the lack of data validation during function execution. Exploitin...
IBM Datacap Fastdoc Capture Cross-Site Scripting Vulnerability
IBM Datacap Fastdoc Capture is a client-only capture software solution from IBM USA that automatically indexes scanned documents for accurate storage and retrieval. A cross-site scripting vulnerability exists in IBM Datacap Fastdoc Capture that stems from a lack of proper validation of client-sid...
CVE-2021-31511
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2021-31509
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2021-31512
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
A vulnerability in Magento Commerce, a software platform for developing and managing online stores, arises from insufficient validation of input data. This allows attackers to access confidential information.
A vulnerability in the Magento Commerce software platform for developing and managing online stores exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...
The vulnerability of the eBPF subsystem in the Linux operating system allows a hacker to execute arbitrary code.
The vulnerability of the eBPF subsystem in the Linux operating system exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the xen-netback component in the Linux operating system allows a hacker to increase their privileges or expose sensitive information.
The vulnerability of the xen-netback component in the Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges or disclose sensitive information...
Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DW...
Autodesk AutoCAD Buffer Error Vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A buffer error vulnerability exists in Autodesk AutoCAD that stems from a lack of proper validation of user-supplied data and can be exploited by an attacker to execute code...