The vulnerability of Microsoft Excel spreadsheet editors, Microsoft Office programs, and Microsoft 365 Apps for Enterprise, related to the possibility of using freed memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Excel spreadsheet editors, as well as Microsoft Office products and Microsoft 365 Apps for Enterprise, is related to the ability to utilize freed memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted...

LibreOffice 路径遍历漏洞

LibreOffice is an open source office software suite from The Document Foundation. A path traversal vulnerability exists in LibreOffice versions prior to 24.8 through 24.8.4 that stems from a path traversal error and allows an attacker to write to an arbitrary location via a file in a specific...

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the nav2amcl process containing a buffer overflow. An attacker exploiting the vulnerability can be triggered by sending a carefully crafted .yaml file...

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to reading beyond the buffer boundary in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user, using a specially created file...

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to the occurrence of operations outside the buffer boundaries in memory, allows attackers to gain unauthorized access to protected information.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to reading beyond the buffer boundary in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user, using a specially created file...

The vulnerability of the Updater component of the Google Chrome browser, which allows a hacker to escalate their privileges.

The vulnerability of the Updater component in Google Chrome relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending a specially crafted malicious file...

The vulnerability of the read_samples() function in the voc.c component of the SoX sound processing software allows a hacker to cause a service failure.

The vulnerability of the readsamples function in the SoX sound processing component voc.c is related to the lack of checks for division by zero. Exploiting this vulnerability allows a attacker to cause a service failure using a specially created file...

The vulnerability of the File Transfer Protocol (FTP) implementation in the microprogrammed network devices of Zyxel ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN allows a perpetrator to execute arbitrary commands.

The vulnerability of the File Transfer Protocol FTP implementation in the microprogrammed network devices Zyxel ATP, USG FLEX, and USG FLEX 50W/USG20W-VPN is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve memory management issues after memory is freed, allowing attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary...

SUSE CVE-2024-28130

An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOIPList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations arises from a buffer overflow in the dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations arises due to an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially created file...

PT-2024-4352 · Google · Google Updator +1

Name of the Vulnerable Software and Affected Versions: Google Updator versions prior to 1.3.36.351 Description: The issue is related to inadequate access control in the Google Updator program, allowing an attacker to bypass discretionary access control using a specially crafted file. This could...

PT-2024-2170 · Libbiosig +1 · Libbiosig +1

Name of the Vulnerable Software and Affected Versions: libbiosig versions 2.5.0 through Master Branch ab0ee111 Description: A use-after-free vulnerability exists in the sopen FAMOS read functionality. This issue can be triggered by a specially crafted .famos file, potentially leading to arbitrary...

DEBIAN-CVE-2023-35703

Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...

UBUNTU-CVE-2023-35004

An integer overflow vulnerability exists in the VZT longestlen value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

The vulnerability of the security system and the Nessus vulnerability assessment, which stems from insufficient validation of input data, allows attackers to elevate their privileges to the root or NT AUTHORITY/SYSTEM level on the Nessus host.

The vulnerability of the Nessus security system and its vulnerability assessment are related to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to elevate their privileges to the root or NT AUTHORITY/SYSTEM level on the Nessus...

The vulnerability of the professional video editing software Adobe Premiere Pro, related to access to an uninitialized pointer, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the access to an uninitialized pointer. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...

The vulnerability of the cplus-dem.c component of the GNU Binutils development environment allows a attacker to trigger a service failure.

The vulnerability of the cplus-dem.c component of the GNU Binutils development environment is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...

The vulnerability of the processCanonCameraInfo function in the LibRaw image processing library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the processCanonCameraInfo function in the LibRaw image processing library is related to the output of operations that go beyond buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity,...