CVE-2023-25358

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

CVE-2023-25363

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

CVE-2023-25360

A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

Siemens Solid Edge Viewer DWG File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2022-46712

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges...

K23312037: Intel CPU vulnerability CVE-2018-3679

Security Advisory Description Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. CVE-2018-3679 Impact There is no impact; F5 products are not affect...

K81859243: Kernel vulnerability CVE-2018-8822

Security Advisory Description Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplibkernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to...

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-10619)

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation due to an affected application parsing a specially crafted SPP file that contains an out-of-bounds writ...

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-15419)

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation. An attacker can exploit this vulnerability to execute code in the context of the current process...

Siemens JT Open and JT Utilitiesh Memory Corruption Vulnerability

JT Open Toolkit is an application programming interface API for software developers who support JT, a publicly released data format developed by Siemens Digital Industry Software and widely used for communication, visualization, digital modeling, and various other purposes.Siemens JT Open and JT...

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-15416)

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation. An attacker can exploit this vulnerability to execute code in the context of the current process...

SUSE CVE-2004-0109

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry...

SUSE CVE-2005-0227

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

SUSE CVE-2007-4631

The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames...

SUSE CVE-2008-4190

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the 1 ipseclive.conn and 2 ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream...

SUSE CVE-2010-0297

Buffer overflow in the usbhosthandlecontrol function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service guest OS crash or hang or possibly execute arbitrary code on the host OS via a crafted USB packet...

SUSE CVE-2010-1447

The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...

SUSE CVE-2012-0806

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...

SUSE CVE-2014-4877

Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the...

SUSE CVE-2014-8097

The DBE extension in X.Org X Window System aka X11 or X X11R6.1 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index value to the 1...