
2019 matches found

CNVD
added 2022/04/13 12:0 a.m. · 24 views

Samsung SMR Heap Buffer Overflow Vulnerability (CNVD-2022-63658)

Samsung SMR is a system patch package from South Korea's Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...

CVSS 10 · AI score 5.4 · EPSS 0.01269
Exploits 0 · References 1

CNVD
added 2022/04/13 12:0 a.m. · 23 views

Samsung SMR Heap Buffer Overflow Vulnerability (CNVD-2022-63656)

Samsung SMR is a system patch package from South Korea's Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...

CVSS 10 · AI score 5.4 · EPSS 0.01269
Exploits 0 · References 1

CNVD
added 2022/04/13 12:0 a.m. · 25 views

Samsung SMR Heap Buffer Overflow Vulnerability

Samsung SMR is a system patch package from South Korea's Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...

CVSS 10 · AI score 5.4 · EPSS 0.01269
Exploits 0 · References 1

CISA KEV Catalog
added 2022/04/13 12:0 a.m. · 29 views

Adobe Flash Player Use-After-Free Vulnerability

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS)...

CVSS 10 · AI score 7 · EPSS 0.93688
In wild · Exploits 5

Positive Technologies
added 2022/04/12 12:0 a.m. · 3 views

PT-2022-6708 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based (affected versions not specified)
Description: The issue is related to insufficient access controls in Microsoft Edge, allowing a remote attacker to bypass security restrictions, elevate privileges, or execute...

CVSS 8.3 · AI score 8.9 · EPSS 0.00997
Exploits 0 · References 7

NVD
added 2022/04/08 9:15 a.m. · 22 views

CVE-2022-27352

Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 8.8 · EPSS 0.02399
Exploits 3 · References 3

Prion
added 2022/04/08 9:15 a.m. · 12 views

Design/Logic Flaw

Musical World v1 was discovered to contain an arbitrary file upload vulnerability via uploadedsongs.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 6.5 · AI score 8.9 · EPSS 0.02399
Exploits 3 · References 3 · Affected Software 1

OSV
added 2022/04/08 12:0 a.m. · 0 views

UBUNTU-CVE-2022-22624

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution...

CVSS 8.8 · AI score 7.4 · EPSS 0.01023
Exploits 0 · References 4

OSV
added 2022/04/06 7:15 p.m. · 4 views

CVE-2022-20754

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...

CVSS 7.2 · AI score 6.2 · EPSS 0.03177
Exploits 0 · References 1

NVD
added 2022/04/06 7:15 p.m. · 20 views

CVE-2022-20755

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...

CVSS 9 · EPSS 0.03177
Exploits 0 · References 1

OSV
added 2022/03/23 9:15 p.m. · 14 views

CVE-2022-23880

An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 9.8 · AI score 7.8
Exploits 0 · References 1

AlpineLinux
added 2022/03/23 8:15 p.m. · 58 views

CVE-2021-3748

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non-direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting i...

CVSS 7.5 · AI score 2.6 · EPSS 0.00526
Exploits 0

CNVD
added 2022/03/14 12:0 a.m. · 9 views

Ponton X/P Messenger path traversal vulnerability

PONTON X/P Messenger is a highly configurable ebXML, AS/1, AS/2, AS/3 and AS/4 compliant messaging software from the German company PONTON. PONTON X/P Messenger is affected by a path traversal vulnerability that could be exploited by an attacker to upload executable scripts while obtaining...

CVSS 9.8 · AI score 3.9 · EPSS 0.03252
Exploits 1 · References 1

CNVD
added 2022/03/11 12:0 a.m. · 18 views

livehelperchat Cross-Site Scripting Vulnerability (CNVD-2022-18521)

livehelperchat is available through Live Helper Chat, which provides free live support on the website. livehelperchat suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the web application. An attacker could exploit the...

CVSS 6.5 · AI score 2.5 · EPSS 0.0064
Exploits 1 · References 1

ATTACKERKB
added 2022/03/10 5:47 p.m. · 1 views

CVE-2022-26521

Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image file type)...

CVSS 7.2 · AI score 7.4 · EPSS 0.09537
Exploits 4 · References 3

CNVD
added 2022/03/09 12:0 a.m. · 13 views

Siemens Simcenter STAR-CCM Viewer Scene File Parsing Vulnerability

Simcenter STAR-CCM Viewer is a standalone scene and episode viewer for Simcenter STAR-CCM. Siemens Simcenter STAR-CCM Viewer has a security vulnerability that could be exploited by an attacker to execute code in the context of the current process...

CVSS 7.8 · AI score 4.9 · EPSS 0.00764
Exploits 0 · References 1

CNNVD
added 2022/03/09 12:0 a.m. · 8 views

Adobe After Effects Buffer Error Vulnerability

Adobe After Effects is a set of visual effects and motion graphics creation software from Adobe, Inc. A buffer overflow vulnerability exists in the way Adobe After Effects processes files, which can be exploited by attackers to execute arbitrary code in the context of the current user...

CVSS 9.3 · AI score 6.5 · EPSS 0.03803
Exploits 0 · References 3

CNNVD
added 2022/03/07 12:0 a.m. · 3 views

Google Android Permissions and Access Control Issue Vulnerability

Google Android is a Linux-based open source operating system from Google. A permissions and access control vulnerability exists in Google Android, which can be exploited by a remote attacker to read web application files on an affected server and potentially execute code...

CVSS 9.3 · AI score 5.9 · EPSS 0.0032
Exploits 0 · References 6

ATTACKERKB
added 2022/03/03 12:0 a.m. · 3 views

CVE-2022-20754

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...

CVSS 9 · AI score 7.6 · EPSS 0.03177
Exploits 0 · References 2

CISA KEV Catalog
added 2022/03/03 12:0 a.m. · 24 views

Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...

CVSS 9 · AI score 4.3 · EPSS 0.1055
In wild · Exploits 0