Ivanti Desktop and Server Management 安全漏洞

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform unified endpoint management solution provided by the American company Ivanti. Versions of Ivanti Desktop and Server Management prior to 2026.1.1 contained security vulnerabilities. These vulnerabilities were due to exposed...

EUVD-2023-46934

Malicious code in bioql PyPI...

goldendict 安全漏洞

goldendict is a feature-rich dictionary lookup program from goldendict open source. A security vulnerability exists in goldendict versions 1.5.0 and 1.5.1, which stems from exposing dangerous methods that could lead to file reads and modifications...

The vulnerability of the Naumen Service Management Platform, related to the use of dangerous methods or functions, allows a perpetrator to execute arbitrary code.

The vulnerability of the Naumen Service Management Platform is related to the use of dangerous methods or functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows Local Session Manager (LSM) component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Local Session Manager LSM component of the Windows operating system is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

The vulnerability of the Swift Mailer module in the Drupal CMS system, related to the use of dangerous methods or functions, allows attackers to exploit it.

The vulnerability of the Swift Mailer module in the Drupal CMS system is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute a spear-phishing attack remotely...

The vulnerability of the Orchid Platform, related to the use of dangerous methods or functions, allows a hacker to obtain the server’s IP address.

The vulnerability of the Orchid Platform is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain the server’s IP address through a brute-force attack...

The vulnerability of the software platform for managing security in industrial networks, MXSecurity, arises from the use of dangerous methods or functions, allowing attackers to enhance their privileges.

The vulnerability of the MXSecurity software platform for managing security in industrial networks is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges...

PT-2024-40897 · Unknown · Langchainjs

Name of the Vulnerable Software and Affected Versions: langchainjs version 0.2.5 Description: A path traversal issue exists, allowing attackers to save files anywhere in the filesystem, overwrite existing text files, read .txt files, and delete files. This is exploited through the setFileContent,...

The vulnerability of the user console of the Avanpost IDM system, related to the use of dangerous methods or functions, allows a violator to execute arbitrary code.

The vulnerability of the user console of the Avanpost IDM system is related to the use of dangerous methods or functions. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the user console of the Avanpost IDM system, related to the use of dangerous methods or functions, allows a violator to execute arbitrary code.

The vulnerability of the user console of the Avanpost IDM system is related to the use of dangerous methods or functions. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the AVG Internet Security antivirus protection lies in the use of dangerous methods or functions, which allow attackers to enhance their privileges.

The vulnerability of the AVG Internet Security antivirus protection lies in the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges...

NI VeriStand ProjectServer OpenTool Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of service requests in the ProjectServer component. The issue results from...

The vulnerability of the web server used by the monitoring and network traffic analysis software in SINEC Traffic Analyzer allows a perpetrator to gain access to modify arbitrary files.

The vulnerability of the web server used by the monitoring and network traffic analysis software in SINEC Traffic Analyzer is related to the use of dangerous HTTP methods. Exploiting this vulnerability can allow a malicious actor to remotely access and modify arbitrary files...

PT-2024-4132 · D Link · D-Link D-View

Name of the Vulnerable Software and Affected Versions: D-Link D-View affected versions not specified Description: The issue is related to the queryDeviceCustomMonitorResult method of the D-Link D-View platform, which uses dangerous methods or functions. This allows a remote attacker to execute...

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor, which originates from a remote code execution vulnerability in the XLS file parsing expose dangerous method...

The vulnerability of the TP-Link Device Debug protocol implementation in the microprogramming software for wireless access points Tp-Link AC1350 and Tp-Link N300 allows a hacker to cause service failure.

The vulnerability of the TP-Link Device Debug protocol implemented in the microsoftware for wireless access points Tp-Link AC1350 and Tp-Link N300 is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor to cause service failures by sendin...

CVE-2023-50895

In Janitza GridVis through 9.0.66, exposed dangerous methods in the de.janitza.pasw.project.server.ServerDatabaseProject project load functionality allow remote authenticated administrative users to execute arbitrary Groovy code...

CVE-2023-50895

In Janitza GridVis through 9.0.66, exposed dangerous methods in the de.janitza.pasw.project.server.ServerDatabaseProject project load functionality allow remote authenticated administrative users to execute arbitrary Groovy code...

CVE-2023-50895

In Janitza GridVis through 9.0.66, exposed dangerous methods in the de.janitza.pasw.project.server.ServerDatabaseProject project load functionality allow remote authenticated administrative users to execute arbitrary Groovy code...