86 matches found
CVE-2024-43106
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of...
CVE-2024-43106
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of...
The vulnerability of the Veritas NetBackup software for backup and data restoration operations lies in the lack of measures taken to neutralize special elements used in the operating system commands. This allows an attacker to execute arbitrary code.
The vulnerability of the Veritas NetBackup backup and recovery software relates to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the user downloads a...
PT-2024-11915 · Undefined · Undefined
CVE-2024-50986 CVE-20224-50986 DLL Hijacking Exploit for Clementine Description: An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file. Version Affected: Clementi... https://t.co/QByf3fJ8GI...
The vulnerability of the Microsoft PowerPoint presentation preparation and viewing software for the Mac OS allows a hacker to circumvent existing security restrictions.
The vulnerability of the Microsoft PowerPoint presentation preparation and viewing software for the Mac OS is related to improper verification of the cryptographic signature. Exploiting this vulnerability can allow an attacker to circumvent existing security restrictions using a specially created...
The vulnerability of Microsoft Teams’ operating system allows a hacker to bypass existing security restrictions.
The vulnerability of Microsoft Teams’ operating system-related corporate platform lies in the improper verification of the cryptographic signature. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions using a specially created library...
Microsoft Teams 数据伪造问题漏洞
Microsoft Teams is a software for online meetings, chat, and cloud storage capabilities from Microsoft USA. A data forgery issue vulnerability exists in Microsoft Teams version 24046.2813.2770.1094, which stems from a specially crafted library in the macOS version that can be exploited to gain...
Microsoft Office 数据伪造问题漏洞
Microsoft Office is an office software suite product of Microsoft Corporation USA. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and so on. Microsoft Office version 16.83 suffers from a Data Forgery Issue vulnerability that stems from a specially...
Mitsubishi Electric MC Works64 Code Issue Vulnerability
Mitsubishi Electric MC Works64 is a data acquisition and monitoring system SCADA from Mitsubishi Electric Japan. A code issue vulnerability exists in Mitsubishi Electric MC Works64, which stems from an uncontrolled search path element vulnerability that allows a local attacker to execute maliciou...
JP1/Extensible SNMP Agent fails to restrict access permissions
Overview JP1/Extensible SNMP Agent provided by Hitachi fails to restrict access permissions CWE-276. Yutaka Kokubu, Shun Suzaki, and Kazuki Hirota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
CVE-2024-21805
Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary file may be placed in the specific folder by a user who can log in to the PC where the product's Windows client is...
UwAmp 代码问题漏洞
UwAmp is a Zip archive from UwAmp. Simply unzip it to run a wamp server. A security vulnerability exists in UwAmp that originated from a vulnerability that allows remote attackers to execute arbitrary code via a crafted DLL. The following products and versions are affected: UwAmp versions 1.1, 1....
SUSE CVE-2009-0521
Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted library in a directory contained in the RPATH...
Avast Premium Security 代码问题漏洞
Avast Premium Security is an application from the Czech company Avast. Avast Premium Security has an arbitrary file writing vulnerability that can be exploited to cause a denial of service DoS via a specially crafted DLL file...
CVE-2022-25791
A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 may lead to code execution through maliciously crafted DLL files...
HiBARA Software AttacheCase 代码问题漏洞
HiBARA Software AttacheCase is a powerful file/folder encryption software from the Japanese individual developer Hibara Mitsuhiro. A code issue vulnerability exists in HiBARA Software AttacheCase version 4.0.2.7, which arises from loading DLL libraries in an insecure manner. A remote attacker can...
CVE-2022-25182
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the names of Pipeline libraries to create directories without canonicalization or sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins...
CVE-2022-25182
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already...
CVE-2021-26750
DLL hijacking in Panda Agent =1.16.11 in Panda Security, S.L.U. Panda Adaptive Defense 360 = 8.0.17 allows attacker to escalate privileges via maliciously crafted DLL file...
KLA12135 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A security vulnerability can be exploited via special crafted version of key to...