QNAP NAS devices buffer error vulnerability

A buffer error vulnerability exists in QNAP NAS devices that originates when a network system or product performs an operation in memory without properly validating data boundaries, resulting in an incorrect read or write operation being performed to an associated other memory location. An attack...

The vulnerability of Intel Graphics Driver drivers lies in insufficient validation of input data, which allows attackers to exploit their privileges.

The vulnerability of Intel Graphics Drivers’ drivers is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of Intel Graphics Driver drivers lies in the lack of data validation, which allows attackers to trigger a service failure.

The vulnerability of Intel Graphics Drivers’ drivers is related to the lack of data validation during return operations. Exploiting this vulnerability can allow a hacker to trigger a service failure...

The vulnerability of the microprogrammed software of Intel Ethernet E810 controllers, related to insufficient input data verification, allows a intruder to trigger a service failure.

The vulnerability of Intel Ethernet E810 controller’s microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

Webmin <= 1.941 Multiple Vulnerabilities

According to its self-reported version, the version of Webmin on the remote host is affected by multiple vulnerabilities, including the following: - An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the...

Horde Groupware Webmail 跨站脚本漏洞

Horde Groupware Webmail is a browser-based, enterprise-class communications suite from Horde, Inc. A cross-site scripting vulnerability exists in Horde Groupware Webmail Edition, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

CVE-2020-27860

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Deserialization of untrusted data

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Qognify Ocularis 5.9.0.395. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of serialized objects provided to the EventCoordinator endpoint...

Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the SPWorkflowDataSourceView class. The issue results from...

Open Build Service 跨站脚本漏洞

Open Build Service OBS is a general-purpose system for building and distributing packages from source code in an automated, consistent, and repeatable manner, organized by the Open Build Service. A cross-site scripting vulnerability exists in Open Build Service that stems from a lack of proper...

F5 BIG-IP 跨站脚本漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data by th...

BIG-IP 跨站脚本漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in BIG-IP, which stems from the lack of proper validation of client-side data by t...

Adobe Illustrator DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of D...

Adobe Photoshop TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

Microsoft Windows wab32 WAB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of W...

Microsoft Windows Camera Codec Pack Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Omron CX-One NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI...

PNPSCADA Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in PNPSCADA that stems from a lack of proper validation of client-side data by the WEB application. An attacker could exploit this vulnerability to execute client-side code...

Intel EPID SDK Input Validation Error Vulnerability

An input validation error vulnerability exists in the Intel EPID SDK that arises from a network system or product that does not properly validate incoming data...

Henriquedornas 跨站脚本漏洞

Henriquedornas is a web framework from Henriquedornas Brazil. Provides a framework for building websites. A cross-site scripting vulnerability exists in Henriquedornas that stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerabilit...