Buffer overflow

Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite...

CVE-2022-43546

A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, POWER METER SICAM Q100 All versions V2.50, SICAM P850 All versions V3.10, SICAM P850 All versions V3.10, SICAM P850 All versions...

Design/Logic Flaw

A vulnerability has been identified in JT2Go All versions V14.1.0.4, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.7, Teamcenter Visualization V14.0 All versions V14.0.0.3, Teamcenter Visualization V14.1 All versions V14.1.0.4. The...

CVE-2022-3705

A use-after-free flaw was found in the qfupdatebuffer function in vim. This issue allows a specially crafted file to crash a program, use unexpected values, or execute code...

CVE-2022-43275

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/phpaction/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

Apple iOS 和 iPadOS 缓冲区错误漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and iPadOS. An attacker could exploit this vulnerability to execu...

Mitel MiCollab 代码问题漏洞

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A security vulnerability exists in Mitel MiCollab version 9.5.0.101 and prior versions, which stems from an issue in the web conferencing...

CVE-2022-43405

A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin 612.v84da9c54906d and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary co...

CVE-2022-38440

Adobe Dimension versions 3.4.5 is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation...

Code injection

A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers able to inject WLAN frames to corrupt a linked list and, in turn, potentially execute code...

Adobe Dimension out-of-bounds read vulnerability

Adobe Dimension is a suite of 2D and 3D compositing design tools from Adobe, Inc. An out-of-bounds read vulnerability exists in versions prior to Adobe Dimension 3.4.6, which stems from an out-of-bounds read vulnerability when parsing constructed files, which could result in reading beyond the en...

Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2025-24459)

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...

Dolibarr ERP/CRM 代码注入漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system from the French Dolibarr Foundation. The system can be used to manage products, inventory, invoices, orders, etc. An access control error vulnerability exists in Dolibarr ERP/CRM 15.0....

CVE-2022-41851

A vulnerability has been identified in JTTK All versions V11.1.1.0, Simcenter Femap V2022.1 All versions V2022.1.3, Simcenter Femap V2022.2 All versions V2022.2.2. The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An...

TOTOLINK NR1800X setOpModeCfg buffer overflow vulnerability

TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China Gion Electronics TOTOLINK.Designed to provide fast and convenient deployment of NR fixed data services for homes and offices.TOTOLINK NR1800X V9.1.0u.6279B20210910 version is vulnerable to a buffer overflow vulnerability,...

CVE-2022-31680

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC Platform services controller. A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server...

PT-2022-26385 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

CVE-2022-3256

A heap use-after-free vulnerability was found in vim's movemark function of the src/mark.c file. This issue occurs because vim uses freed memory when 'autocmd' changes the mark. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free th...

Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities

Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol LLDP for Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to execute code, cause the service to reload unexpectedly, or cause Cisco Discovery Protocol or LLDP database corrupti...

Orckestra C1 CMS 代码问题漏洞

C1 CMS is an open source web content management system CMS based on .NET. A deserialization vulnerability exists in versions of Orckestra C1 CMS prior to 6.13. An authenticated attacker can exploit this vulnerability to execute arbitrary code...