2019 matches found
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service (DoS) via a crafted website...
CVE-2021-42704
Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code...
Out-of-bounds
Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code...
CVE-2021-42704 Inkscape Out-of-bounds Write
Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code...
ROS-20220518-01
A vulnerability in the Mozilla Firefox browser is related to improper permission management in the application. Exploitation of the vulnerability could allow a remote attacker to create a web page that bypasses the existing browser hint and improperly inherits top-level permissions. The...
Formidable arbitrary file upload
Withdrawn: This advisory was improperly assigned. An arbitrary file upload vulnerability in formidable v3.2.4 allows attackers to execute arbitrary code via a crafted filename...
PT-2022-18063 · Apple · iOS +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.4, iOS versions prior to 15.5, iPadOS versions prior to 15.5. Description: A memory corruption issue was addressed with improved memory handling, which could allow a malicious application to execute arbitrary code with...
Foxit PDF Reader Doc Object Remote Code Execution Vulnerability (CNVD-2023-07881)
Foxit PDF Reader is a PDF reader from Foxit China. A remote code execution vulnerability exists in the Foxit PDF Reader Doc object, which can be exploited by attackers to execute code in the context of the current process...
CVE-2022-28243
Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...
CVE-2022-29655
An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Siemens JT2Go and Teamcenter Visualization Dual Release Vulnerability (CNVD-2022-36381)
Siemens JT2Go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. Siemens JT2Go and Teamcenter Visualization are vulnerable. The vulnerability can be exploited by attackers to...
CVE-2022-1616
A flaw was found in vim, which is vulnerable to a heap-buffer-overflow in append_command of the src/ex_docmd.c function. This flaw allows a specially crafted file to crash software, modify memory, or execute code when opened in vim...
CVE-2021-38433 RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...
EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-1624)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to t...
Improper Input Validation
Overview: org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Improper Input Validation. An attacker with read access and HTTP access to Jenkins master can insert data and execute arbitrary code on the server. Remediation: Upgrad...
CVE-2022-0354
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window...
A vulnerability in the Interactive Graphical SCADA System (IGSS) arises from a buffer overflow in dynamic memory, allowing an intruder to trigger a service failure or execute arbitrary code.
A vulnerability in the Interactive Graphical SCADA System (IGSS) arises from a buffer overflow in dynamic memory. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code using specially created messages...
Notable Path Traversal Vulnerability
Notable is a Markdown-based note-taking software with cross-platform support from the individual developers of Notable. A path traversal vulnerability exists in Notable-insiders that stems from incorrect validation of the file URI scheme. Hyperlinks pointing to SMB shares could lead to the...
Adobe Photoshop out-of-bounds write vulnerability (CNVD-2022-42168)
Adobe Photoshop is a set of image processing software from Adobe. Adobe Photoshop is affected by an out-of-bounds write vulnerability. An attacker could exploit the vulnerability to execute code in the context of the current user...
Arbitrary file upload in Ghost
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file...