MAL-2025-37420 Malicious code in typopro-web-TypoPRO-BebasNeue (npm)

The package typopro-web-TypoPRO-BebasNeue was found to contain malicious code...

CVE-2024-37420

Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1...

CVE-2024-37420 WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1...

CVE-2024-37420 WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1...

CVE-2024-37420

CVE-2024-37420: Zita Elementor Site Library (WordPress plugin) versions 1.6.1) or patch is available; as a workaround, restrict uploads to safe file types until patched. The vulnerability is tracked across multiple sources and is marked as patched in known advisories.

WordPress Zita Elementor Site Library Plugin <= 1.6.1 is vulnerable to Arbitrary Code Execution

Software Zita Elementor Site Library Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Code Execution CVE CVE-2024-37420 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID a25d18d1f0cd Credits Majed Refaea...

SUSE CVE-2023-37420

Multiple out-of-bounds write vulnerabilities exist in the VCD parsevaluechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns t...

CVE-2023-37420

Multiple out-of-bounds write vulnerabilities exist in the VCD parsevaluechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns t...

UBUNTU-CVE-2023-37420

Multiple out-of-bounds write vulnerabilities exist in the VCD parsevaluechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns t...

CVE-2023-37420

CVE-2023-37420 affects GTKWave, a waveform viewer for VCD files. The vulnerability is an out-of-bounds write in the VCD parse_valuechange portdump path, exploitable when a victim opens a crafted .vcd file (via the vcd2lxt conversion utility), potentially enabling arbitrary code execution. Affecte...

CVE-2021-37420

creationtimestamp| type| source ---|---|--- 2021-09-21 16:27:51+00:00| seen| https://t.me/cibsecurity/29180...

CVE-2021-37420

Zoho ManageEngine ADSelfService Plus is affected by a mail spoofing vulnerability in versions prior to 6112. The connected sources consistently reference ADSelfService Plus before 6112 as vulnerable, with remediation implied by version 6112 (hotfix/update). No deeper technical root cause or explo...