11 matches found
JVN#39596244: Improper restriction of XML external entity references (XXE) in FD Application
FD Application provided by Ministry of Health, Labour and Welfare improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. Solution Update the Software Update the software to the...
CVE-2021-33023
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code...
CVE-2021-38389
Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...
Advantech WebAccess 缓冲区错误漏洞
Advantech WebAccess is Advantech's suite of HMI/SCADA software based on browser architecture. A stack buffer overflow vulnerability exists in Advantech WebAccess 9.02 and earlier versions. An attacker could exploit this vulnerability to remotely execute code...
CVE-2021-38408
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution...
South River Technologies WebDrive 9.02 build 2232 - Local Privilege Escalation
South River Technologies WebDrive 9.02 build 2232 - Local Privilege Escalation South River Technologies WebDrive Service Bad Security Descriptor Local Elevation Of Privileges by Nine:Situations:Group::bellick site: http://retrogod.altervista.org/ Software site: http://www.webdrive.com/ Download...
Heap overflow
Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table DHT marker...
CVE-2007-0126
CVE-2007-0126 concerns Opera 9.02 where a heap-based overflow in processing a JPEG Define Huffman Table (DHT) marker can allow remote code execution. Connected advisories alsoreference CVE-2007-0127 related to a typecasting issue in Opera’s SVG handling. Mitigation documented in GLSA 200701-08 an...
Opera < 9.02 Multiple Vulnerabilities
The version of Opera installed on the remote host reportedly contains a heap-based buffer overflow vulnerability that can be triggered by a long link. Successful exploitation of this issue may result in a crash of the application or even allow for execution of arbitrary code subject to the user's...
Very large link addresses can cause Opera to crash – Opera Security Advisories
Very large link addresses can cause Opera to crash – Opera Security Advisories OPCOM Team | October 17, 2006 Summary: Very large link addresses can cause Opera to crash. Severity: Moderate Problem description An extremely long link address can cause Opera to crash.A specially crafted long link...
A forged SSL server certificate can be accepted by Opera as a valid certificate – Opera Security Advisories
A forged SSL server certificate can be accepted by Opera as a valid certificate – Opera Security Advisories OPCOM Team | September 21, 2006 Summary: A forged SSL server certificate can be accepted by Opera as a valid certificate. Severity: Highly critical Vulnerable versions: Opera for desktop...