7657 matches found
[slackware-security] tigervnc
New tigervnc packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/tigervnc/tigervnc-1.12.0-i586-5slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including the latest patches for several securit...
current-logic.com Cross Site Scripting vulnerability OBB-3838217
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2024-19413 · Unknown · Anything-Llm
Name of the Vulnerable Software and Affected Versions: AnythingLLM versions prior to commit 08d33cfd8 Description: AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit...
Slackware: Security Advisory (SSA:2024-016-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] xorg-server
New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-11slack15.0.txz: Rebuilt. This update fixes security issues: Heap buffer overflow in DeviceFocusEvent an...
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Citrix StoreFront Security Bulletin for CVE-2023-5914
A vulnerability has been discovered in Citrix StoreFront, which, if exploited, may result in a Cross-site scripting XSS attack. Affected Versions: The following supported versions of Citrix StoreFront are affected by the vulnerability: Current Release CR Citrix StoreFront before 2308.1 Citrix...
crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
A vulnerability was found in crypto-js in how PBKDF2 is 1,000 times weaker than originally specified in 1993 and at least 1,300,000 times weaker than the current industry standard. This issue is because both default to SHA1, a cryptographic hash algorithm considered insecure since at least 2005,...
Siemens JT2Go and Teamcenter Visualization Buffer Overflow Vulnerability (CNVD-2024-01390)
JT2Go is a JT file viewer.Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios. A buffer overflow vulnerability exists in Siemens JT2Go and Teamcenter Visualization, which can be exploited by an attacker to execute code in the context of the...
Adobe Substance 3D Stager 缓冲区错误漏洞
Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Stager, which can be exploited by an attacker to bypass ASLR and execute arbitrary code in the current user's context...
Siemens Solid Edge Uninitialized Pointer Access Vulnerability (CNVD-2024-01400)
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. An uninitialized pointer access vulnerability exists in Siemens Solid Edge, which can be exploited by an attacker to execute code in the...
Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2024-01406)
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context ...
Heap overflow
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 10. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
Siemens JT2GO和Teamcenter Visualization 安全漏洞
JT2Go is a JT file viewer.Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios. A buffer overflow vulnerability exists in Siemens JT2Go and Teamcenter Visualization, which can be exploited by an attacker to execute code in the context of the...
Siemens Solid Edge 安全漏洞
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. A buffer overflow vulnerability exists in Samsung Solid Edge, which can be exploited by an attacker to execute code in the context of th...
Siemens Solid Edge 缓冲区错误漏洞
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context...
Siemens Solid Edge 缓冲区错误漏洞
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. An uninitialized pointer access vulnerability exists in Siemens Solid Edge, which can be exploited by an attacker to execute code in the...
Siemens Solid Edge 安全漏洞
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. A buffer overflow vulnerability exists in Samsung Solid Edge, which can be exploited by an attacker to execute code in the context of th...
CVE-2023-6552
Summary of CVE-2023-6552 (TasmoAdmin) : Affected product is TasmoAdmin; root cause is lack of validation of the current GET parameter during the language change action, causing an open redirect. Connected sources indicate Open Redirect in TasmoAdmin with versions prior to 3.3.0. Impact is an open...