SUSE CVE-2020-25741

fdctrlwritedata in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive...

SUSE CVE-2021-3013

ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag...

SUSE CVE-2021-36770

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in the current working directory that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm 3.05...

SUSE CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

SUSE CVE-2022-39955

The OWASP ModSecurity Core Rule Set CRS is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes. A vulnerable back-end can potentially be exploited by declaring multiple Content-Type "charset" nam...

[slackware-security] php

New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/php-7.4.33-i586-3slack15.0.txz: Rebuilt. This update fixes security issues: Core: Passwordverify always return true with some hash. Core:...

Adobe Bridge 输入验证错误漏洞

Adobe Bridge is a file viewer from Adobe, Inc. Adobe Bridge is vulnerable to an input validation error that could be exploited to execute arbitrary code in the context of the current user...

Adobe Animate 资源管理错误漏洞

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from a memory misreference vulnerability that originates from a mix-up in the program's instructions responsible for freeing memory. An attacker could exploit this vulnerability to...

Adobe Photoshop 输入验证错误漏洞

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from an input validation error vulnerability that originates from improper user input validation and can be exploited by an...

Adobe Bridge 缓冲区错误漏洞

Adobe Bridge is a file viewer from Adobe, Inc. An out-of-bounds write vulnerability exists in Adobe Bridge, which can be exploited to execute arbitrary code in the context of the current user...

Adobe Bridge 缓冲区错误漏洞

Adobe Bridge is a file viewer from Adobe, Inc. An out-of-bounds write vulnerability exists in Adobe Bridge, which can be exploited to execute arbitrary code in the context of the current user...

Adobe Bridge 缓冲区错误漏洞

Adobe Bridge is a file viewer from Adobe, Inc. An out-of-bounds write vulnerability exists in Adobe Bridge, which can be exploited to execute arbitrary code in the context of the current user...

Adobe Animate 缓冲区错误漏洞

Adobe Animate is a set of Flash animation software from Adobe. Adobe Animate is vulnerable to a heap buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Adobe After Effects 输入验证错误漏洞

Adobe After Effects is a suite of visual effects and motion graphics software from Adobe. Adobe After Effects is vulnerable to an input validation error, which could be exploited to execute arbitrary code in the context of the current user...

Adobe FrameMaker 输入验证错误漏洞

Adobe Framemaker is a set of page layout software for writing and editing large or complex documents including structured documents from Adobe. Adobe FrameMaker has an input validation error vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the curre...

Adobe Animate 缓冲区错误漏洞

Adobe Animate is a Flash animation software from Adobe. Adobe Animate is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

CVE-2023-22237

After Affects versions 23.1 and earlier, 22.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Siemens Solid Edge Heap Buffer Overflow Vulnerability (CNVD-2023-09120)

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to heap buffer overflow, which can be exploited by attackers to execute code in the context of the current process...

Siemens Solid Edge Heap Buffer Overflow Vulnerability (CNVD-2023-09119)

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to heap buffer overflow, which can be exploited by attackers to execute code in the context of the current process...

Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09645)

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...