A vulnerability in the Siemens Tecnomatix Plant Simulation software environment allows an attacker to execute arbitrary code.
The vulnerability in the Siemens Tecnomatix Plant Simulation software environment is a write beyond buffer boundaries (out-of-bounds write). Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted SPP file...
CVE-2023-34845
Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users are trusted by the...
A use-after-free vulnerability in Autodesk 3dsMax software for 3D modeling, animation, and visualization allows arbitrary code execution.
The vulnerability in Autodesk 3dsMax software for 3D modeling, animation, and visualization relates to the use of memory after it is released (use after free). Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
Schneider Electric Modicon M580, Modicon M340 Code Issue Vulnerabilities
The Schneider Electric Modicon M580 is a programmable automation controller from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric Modicon M580 prior to version 4.10 and Modicon M340 CPU prior to version 3.51, which can be exploited by an attacker to cause a...
A vulnerability in Microsoft Office packages, related to insufficient validation of input data, allows an attacker to execute arbitrary code.
The vulnerability in Microsoft Office packages is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...
CVE-2023-25007
A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution...
A heap buffer overflow vulnerability in the Substance 3D Stager software allows attackers to execute arbitrary code.
The vulnerability in the Substance 3D Stager software is a buffer overflow in dynamic memory (heap). Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...
CVE-2023-25906 ZDI-CAN-20046: Adobe Dimension USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Adobe Dimension versions 3.4.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
A vulnerability in the Substance 3D Stager software involves reading data beyond the buffer in memory, which an attacker can exploit to disclose protected information.
The vulnerability in the Substance 3D Stager 3D design software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information through a specially crafted file...
A vulnerability in the Substance 3D Stager software involves an operation going beyond the buffer boundaries in memory, which an attacker can exploit to disclose protected information.
The vulnerability in the Substance 3D Stager software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information through a specially crafted file...
A vulnerability in the Substance 3D Stager software involves reading data beyond the buffer in memory, which an attacker can exploit to disclose protected information.
The vulnerability in the Substance 3D Stager 3D design software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information through a specially crafted file...
Low: nginx
Issue Overview: No CVE associated with this advisory. Affected Packages: nginx. Issue Correction: Run dnf update nginx --releasever 2023.0.20230322 or dnf update --advisory ALAS2023-2023-090 --releasever 2023.0.20230322 to update your system. More information on how to update your system can be fou...
CVE-2023-27757
An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file...
A vulnerability in the Adobe Animate software for creating multimedia and computer animations involves the use of memory after it is released (use after free) and allows attackers to execute arbitrary code.
The vulnerability in the Adobe Animate software for creating multimedia and computer animations is related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
A stack buffer overflow vulnerability in the Adobe Animate software for creating multimedia and computer animations allows attackers to execute arbitrary code.
The vulnerability in the Adobe Animate software for creating multimedia and computer animations is related to a buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...
CVE-2023-27164
An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md file...
SUSE CVE-2008-3934
Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file...
SUSE CVE-2009-4835
The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file...
SUSE CVE-2014-0158
Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a...
SUSE CVE-2022-41649
A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger...