SUSE CVE-2022-48063

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function loadseparatedebugfiles at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

CVE-2022-48064

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfddwarf2findnearestlinewithalt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

AZL-28051 CVE-2022-48063 affecting package binutils for versions less than 2.37-10

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function loadseparatedebugfiles at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

UBUNTU-CVE-2022-48063

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function loadseparatedebugfiles at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

AZL-28072 CVE-2020-18781 affecting package audiofile 0.3.6-27

Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert...

UBUNTU-CVE-2020-18781

Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert...

UPX 安全漏洞

UPX is a portable and extensible executable compression program. A security vulnerability exists in versions of UPX prior to 4.0.0, which stems from a vulnerability that allows an attacker to cause a denial of service DoS by designing a file passed to the readx function...

Design/Logic Flaw

Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console...

CVE-2023-40252

Improper Control of Generation of Code 'Code Injection' vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from...

Code injection

Improper Control of Generation of Code 'Code Injection' vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from...

CVE-2023-40252

The CVE-2023-40252 issue is an improper control of generation of code vulnerability in Genian NAC products (V4.0 from 4.0.0 to 4.0.155; V5.0 from 5.0.0 to 5.0.42; Suite V5.0 from 5.0.0 to 5.0.54; ZTNA from 6.0.0 to 6.0.15). The root cause is Code Injection that allows Replace Trusted Executable, ...

CVE-2023-40252

Improper Control of Generation of Code 'Code Injection' vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from...

CVE-2023-38840

Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process...

CVE-2023-28479

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries...

(Pwn2Own) Adobe Acrobat Reader DC Net.HTTP.request Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

PT-2023-26623 · Bitwarden · Bitwarden Desktop

Name of the Vulnerable Software and Affected Versions: Bitwarden Desktop versions 2023.7.0 and below Description: The issue allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process. A local attacker can exploit this to gain access to sensitive data...

Bitwarden Security Breach

Bitwarden is an open source password manager from Bitwarden Inc. in the United States. A security vulnerability exists in Bitwarden Desktop version v.2023.5.1, which originated from a vulnerability that allows a local attacker to obtain sensitive information via bitwarden.exe...

The vulnerability of the platform installer for SAP BusinessObjects Business Intelligence allows a perpetrator to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SAP BusinessObjects Business Intelligence platform installer is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow attackers to influence the confidentiality, integrity, and accessibility of the protected information by...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...

CVE-2023-32782

A command injection was identified in PRTG 23.2.84.1566 and earlier versions in the Dicom C-ECHO sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this vulnerabili...