2019 matches found
SUSE CVE-2022-34483
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...
CVE-2022-47936
A vulnerability has been identified in JT Open All versions V11.2.3.0, JT Utilities All versions V13.2.3.0, Parasolid V34.0 All versions V34.0.252, Parasolid V34.1 All versions V34.1.242, Parasolid V35.0 All versions V35.0.170, Parasolid V35.1 All versions V35.1.150. The affected application...
CVE-2023-24990
A vulnerability has been identified in Tecnomatix Plant Simulation All versions V2201.0006. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the...
Siemens Solid Edge Heap Buffer Overflow Vulnerability (CNVD-2023-09120)
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to heap buffer overflow, which can be exploited by attackers to execute code in the context of the current process...
Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09642)
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...
Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09645)
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...
Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09643)
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...
Siemens Solid Edge Uninitialized Pointer Access Vulnerability
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an uninitialized pointer access vulnerability that could be exploited to execute code in the context of the current process...
Siemens Solid Edge Out-of-Bounds Writing Vulnerability (CNVD-2023-09638)
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds write vulnerability that could be exploited to execute code in the context of the current process...
Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09639)
Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...
CVE-2022-45544
Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the vendor because an admin is intentionally allowed to upload new executable PHP code, such as a theme...
CVE-2023-22374
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note...
CVE-2023-22374
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note...
Apache InLong 代码问题漏洞
Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. Apache InLong suffers from a deserialization vulnerability that can be exploited by a remote attacker to submit a special request and execute arbitrary code in the application context...
cri-o: incorrect handling of the supplementary groups
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...
Adobe InCopy out-of-bounds write vulnerability (CNVD-2023-05226)
Adobe InCopy is a text editing software for authoring from Adobe, Inc. An out-of-bounds write vulnerability exists in Adobe InCopy, which can be exploited by attackers to execute arbitrary code in the context of the current user...
Siemens JT Open, JT Utilities and Solid Edge Memory Corruption Vulnerability
JT Open Toolkit is an application programming interface API for software developers who support JT, a publicly released data format developed by Siemens Digital Industry Software and widely used for communication, visualization, digital modeling and various other purposes.Solid Edge is a portfoli...
VMware Workstation 16.0.x < 16.2.5 Vulnerability (VMSA-2022-0033)
The version of VMware Workstation installed on the remote host is 16.0.x prior to 16.2.5. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable,...
CVE-2022-46360
Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file...
PT-2023-13381 · Dell · Dell Bios
Name of the Vulnerable Software and Affected Versions: Dell BIOS affected versions not specified Description: The issue is a stack-based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this by using an SMI to send larger than expected input to a parameter t...