
2001 matches found

OSV
added 2023/01/03 3:15 a.m. · 2 views

CVE-2022-46360

Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file...

7.8 CVSS · 6 AI score · 0.00089 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/12/15 12:0 a.m. · 6 views

PT-2023-13381 · Dell · Dell Bios

Name of the Vulnerable Software and Affected Versions: Dell BIOS (affected versions not specified). Description: The issue is a stack-based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this by using an SMI to send larger than expected input to a parameter t...

8.8 CVSS · 8.9 AI score · 0.00052 EPSS
Exploits 0 · References 5

CNVD
added 2022/12/14 12:0 a.m. · 33 views

Siemens Teamcenter Visualization and JT2Go Out-of-Bounds Read Vulnerability (CNVD-2022-88424)

Siemens Teamcenter Visualization is a team collaboration software for designing 2D and 3D scenes. Siemens JT2GO is a JT file viewer. Siemens Teamcenter Visualization and JT2Go are vulnerable to an out-of-bounds read vulnerability that can be exploited by attackers to execute code in the context o...

7.8 CVSS · 4.8 AI score · 0.00062 EPSS
Exploits 0 · References 1

CNVD
added 2022/12/14 12:0 a.m. · 31 views

Siemens Teamcenter Visualization and JT2Go Stack Buffer Overflow Vulnerability

Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. Siemens JT2GO is a JT file viewer. Siemens Teamcenter Visualization and JT2Go are vulnerable to a stack buffer overflow vulnerability that could be exploited by an attacker...

7.8 CVSS · 4.2 AI score · 0.0017 EPSS
Exploits 0 · References 1

CNVD
added 2022/12/14 12:0 a.m. · 15 views

Siemens Teamcenter Visualization and JT2Go Out-of-Bounds Read Vulnerability (CNVD-2022-89530)

Siemens Teamcenter Visualization is a team collaboration software for designing 2D and 3D scenes. Siemens JT2GO is a JT file viewer. Siemens Teamcenter Visualization and JT2Go are vulnerable to an out-of-bounds read vulnerability that could be exploited by an attacker to This vulnerability can be...

7.8 CVSS · 3.3 AI score · 0.00059 EPSS
Exploits 0 · References 1

Prion
added 2022/12/13 4:15 p.m. · 26 views

Out-of-bounds

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

4.4 CVSS · 7.5 AI score · 0.00062 EPSS
Exploits 0 · References 1 · Affected Software 1

Prion
added 2022/12/13 4:15 p.m. · 13 views

Out-of-bounds

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

4.4 CVSS · 7.6 AI score · 0.00062 EPSS
Exploits 0 · References 1 · Affected Software 1

Prion
added 2022/12/13 4:15 p.m. · 22 views

Out-of-bounds

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

4.4 CVSS · 7.5 AI score · 0.00062 EPSS
Exploits 0 · References 1 · Affected Software 1

CVE
added 2022/12/07 5:7 p.m. · 77 views

CVE-2022-43581

CVE-2022-43581 affects IBM Content Navigator versions 3.0.0 through 3.0.12, where missing authorization could allow an authenticated user to load external plugins and execute code. The issue is documented across IBM security bulletins and Red Hat advisories, with remediation guidance including ap...

8.8 CVSS · 8 AI score · 0.00386 EPSS
Exploits 0 · References 2 · Affected Software 1

CNNVD
added 2022/12/07 12:0 a.m. · 1 views

IBM Content Navigator Buffer Error Vulnerability

IBM Content Navigator is a Web client from International Business Machines (IBM). The product supports searching and processing documents stored in content servers from a Web browser. A security vulnerability exists in IBM Content Navigator, which originates from its susceptibility to loss of...

8.8 CVSS · 8 AI score · 0.00386 EPSS
Exploits 0 · References 3

Positive Technologies
added 2022/12/07 12:0 a.m. · 2 views

PT-2022-26977 · Ibm · Ibm Content Navigator

Name of the Vulnerable Software and Affected Versions: IBM Content Navigator versions 3.0.0 through 3.0.12. Description: The issue is related to missing authorization, which could allow an authenticated user to load external plugins and execute code. Recommendations: For IBM Content Navigator...

8.8 CVSS · 8.4 AI score · 0.00386 EPSS
Exploits 0 · References 4

Check Point Advisories
added 2022/11/23 12:0 a.m. · 8 views

Doufox Arbitrary File Upload (CVE-2022-38621)

An arbitrary file upload vulnerability exists in Doufox. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the vulnerable system with administrative privileges...

5.2 AI score · 0.02849 EPSS
Exploits 1

CNVD
added 2022/11/23 12:0 a.m. · 25 views

WordPress Plugin Betheme them plugin deserialization vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress theme is a theme for WordPress. A deserialization vulnerability exists in WordPress Plugin Betheme them plugin 26.5.1.4 and...

8.8 CVSS · 8.8 AI score · 0.04249 EPSS
Exploits 5 · References 1

Vulnrichment
added 2022/11/21 12:45 p.m. · 10 views

CVE-2022-3861 Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection

The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfnbuilderimport, mfnbuilderimportpage,...

8.8 CVSS · 7.3 AI score · 0.04249 EPSS
Exploits 5 · References 4

Cvelist
added 2022/11/15 12:0 a.m. · 12 views

CVE-2022-43265

An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

9.8 AI score · 0.00874 EPSS
Exploits 0 · References 2

CNVD
added 2022/11/11 12:0 a.m. · 19 views

AyaCMS arbitrary file upload vulnerability

AyaCMS is an extremely simple and free open source PHP website builder. v3.1.2 of AyaCMS contains a security vulnerability that originates from an arbitrary file upload vulnerability found via the component /admin/fstupload.inc.php. An attacker could use this vulnerability to execute arbitrary co...

9.8 CVSS · 4.6 AI score · 0.00801 EPSS
Exploits 1 · References 1

CNVD
added 2022/11/09 12:0 a.m. · 20 views

Siemens Parasolid out-of-bounds write vulnerability

Parasolid is a 3D geometric modeling tool that supports multiple techniques, including solid modeling, direct editing, and free-form surface/table modeling. An out-of-bounds write vulnerability exists in Siemens Parasolid, which can be exploited by attackers to execute code in the context of the...

7.8 CVSS · 4.3 AI score · 0.00128 EPSS
Exploits 0 · References 1

Cvelist
added 2022/11/09 12:0 a.m. · 12 views

CVE-2022-43277

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/phpaction/editFile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.5 AI score · 0.00991 EPSS
Exploits 1 · References 1

NVD
added 2022/11/08 10:15 p.m. · 8 views

CVE-2022-34825

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrit...

9.8 CVSS · 0.01639 EPSS
Exploits 0 · References 1

OSV
added 2022/11/08 10:15 p.m. · 1 views

CVE-2022-34825

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrit...

9.8 CVSS · 6 AI score · 0.01639 EPSS
Exploits 0 · References 1