CVE-2023-32069

XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible for a user to execute anything with the right of the author of the XWiki.ClassSheet document. This has been patched in XWiki 15.0-rc-1 and 14.10.4. There are n...

CVE-2023-25496

A privilege escalation vulnerability was reported in Lenovo Drivers Management Lenovo Driver Manager that could allow a local user to execute code with elevated privileges...

CVE-2023-25496

A privilege escalation vulnerability was reported in Lenovo Drivers Management Lenovo Driver Manager that could allow a local user to execute code with elevated privileges...

CVE-2023-24269

An arbitrary file upload vulnerability in the plugin upload function of Textpattern v4.8.8 allows attackers to execute arbitrary code via a crafted Zip file...

Privilege escalation

A privilege escalation vulnerability was reported in Lenovo Drivers Management Lenovo Driver Manager that could allow a local user to execute code with elevated privileges...

CVE-2023-25496

A privilege escalation vulnerability was reported in Lenovo Drivers Management Lenovo Driver Manager that could allow a local user to execute code with elevated privileges...

UBUNTU-CVE-2021-44547

A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to executed arbitrary code, leading to privilege escalation...

The vulnerability of Google Chrome’s Skia library allows a hacker to escape from the isolated software environment and execute arbitrary code.

The vulnerability of Google Chrome’s Skia library is caused by a numerical overflow condition. Exploiting this vulnerability allows an attacker to escape from a isolated software environment and execute arbitrary code...

Juniper Networks Junos OS Evolved 操作系统命令注入漏洞

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. Juniper Networks Junos OS Evolved suffers from an operating system command injection vulnerability that stems from the presence of an operating system command injection vulnerability that can be exploited by a...

CVE-2023-29621

Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability

Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges...

Cisco Secure Network Analytics Remote Code Execution Vulnerability (CNVD-2023-85955)

Cisco Secure Network Analytics Stealthwatch is a solution that supports cross-platform network streaming data collection. A remote code execution vulnerability exists in Cisco Secure Network Analytics, which can be exploited by an attacker to execute code on an affected device...

Vulnerabilities fixed in Dell EMC Networker

Dell has fixed vulnerabilities in EMC Networker. A authenticated malicious person could exploit the vulnerabilities to bypass security measures or execute arbitrary code execute application privileges on the underlying system. Under normal circumstances, the application runs with limited...

CVE-2022-43643

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd service, which listens on TC...

CVE-2022-27645

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloudcontrol.cgi. The issue results from the lack of authenticatio...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs...

CVE-2022-43639

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura, which originates from the handling of maliciously crafted files that could result in the unexpected termination of an application or arbitrary code...

Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2023-25103)

Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...

Adobe Substance 3D Stager Out-of-Bounds Read Vulnerability (CNVD-2023-43899)

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. Adobe Substance 3D Stager suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...