19 matches found
USN-8241-1 coin3 vulnerabilities
It was discovered that Expat, vendored in Coin3D, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
USN-8240-1 swish-e vulnerabilities
It was discovered that Expat, vendored in Swish-e, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-25235, CVE-2022-25236...
EulerOS Virtualization 2.12.1 : grub2 (EulerOS-SA-2026-1429)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the...
CVE-2011-10034
AUTOMGEN versions up to and including 8.0.0.7 also referenced as 8.022 contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an...
FileBrowser Denial of Service Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface in a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a denial of service vulnerability; the vulnerability stems from a flaw in the file handling log...
CVE-2025-6196
CVE-2025-6196 affects libgepub, a library used to read EPUB files. The underlying issue is an integer/size calculation problem in the EPUB archive handling, which can lead to oversized memory allocations and crash the application. Documented impact includes potential denial of service when parsin...
CVE-2020-0864
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0865, CVE-2020-0866,...
NETGEAR DGND3700 Security Vulnerability
The Netgear DGND3700 is a modem router from NETGEAR. The Netgear DGND3700 suffers from an information disclosure vulnerability that originates from improper handling of the file /BRStop.html, which can be exploited by an attacker to cause information disclosure...
PT-2024-37487 · Unknown · Gaizhenbiao/Chuanhuchatgpt
Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt version 20240410 Description: A vulnerability in the JSON file handling allows any user to delete any JSON file on the server, including critical configuration files such as config.json and ds config chatbot.json...
CVE-2021-46621
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
USN-4932-2 python-django vulnerability
USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwri...
Foxit Studio Photo Buffer Error Vulnerability
Foxit Studio Photo is a set of image editing software from the Chinese company Foxit. An information disclosure vulnerability exists in the handling of CMP files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied...
The vulnerability of the Update Orchestrator Service for Windows operating systems allows a perpetrator to escalate their privileges and execute arbitrary code.
The vulnerability of the Update Orchestrator Service for Windows operating systems is related to improper handling of file operations. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code using a specially created application...
The vulnerability of the Windows Data Sharing Service, a data exchange service for the Windows operating system, allows attackers to escalate their privileges.
The vulnerability of the Windows Data Sharing Service in the Windows operating system is related to file handling errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
USN-4239-1 php5, php7.0, php7.2, php7.3 vulnerabilities
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...
The vulnerability of the Windows Data Sharing Service, a data exchange service for the Windows operating system, allows attackers to escalate their privileges.
The vulnerability of the Windows Data Sharing Service in the Windows operating system is related to file handling errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
The vulnerability of the Calc and Writer components of the LibreOffice office software suite, which allows a hacker to disclose protected information
The vulnerability of the LibreOffice office software package is related to improper handling of opened files. Exploiting this vulnerability allows an attacker to disclose protected information using a specially crafted file...
Changetrack Local Privilege Escalation Vulnerability
This host has Changetrack installed and is prone to Local Privilege Escalation vulnerability. OpenVAS Vulnerability Test $Id: secpodchangetrackprivescalationvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Changetrack Local Privilege Escalation Vulnerability Authors: Sharath S Copyright: Copyright c...
procmail.screen.txt
Date: Mon, 5 Apr 1999 19:40:37 +0100 From: Chris Evans To: [email protected] Subject: More procmail Hi, Well well since Debian appear to have "broken silence" on the procmail front rather than wait for an official announcement... I found something potentially more serious than boring heap...