
321 matches found

BDU FSTEC
added 2021/07/13 12:00 a.m. | 2 views

The vulnerability of the Kaswara Modern VC Addon for WordPress content management system allows for unlimited loading of dangerous files, enabling attackers to download and execute arbitrary files.

The vulnerability of the Kaswara Modern VC Addon for WordPress content management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to download and execute arbitrary files remotely...

CVSS 9.8 | AI score 8.2 | EPSS 0.4214
Exploits: 3 | References: 5 | Affected Software: 1

BDU FSTEC
added 2021/07/13 12:00 a.m. | 1 views

The vulnerability of the Business Directory plugin of the WordPress content management system, related to the unlimited loading of dangerous files, allows a hacker to read arbitrary files in the catalog of the configuration.

The vulnerability of the Business Directory plugin of the WordPress content management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to read arbitrary files in the directory configuration...

CVSS 7.2 | AI score 7.2 | EPSS 0.01583
Exploits: 2 | References: 3 | Affected Software: 1

BDU FSTEC
added 2021/07/13 12:00 a.m. | 4 views

The vulnerability of the ScadaBR system for data collection and automation process control, related to unlimited loading of dangerous type files, allows an intruder to execute arbitrary code.

The vulnerability of the ScadaBR system for data collection and automation process control is related to the unlimited loading of dangerous type files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file named viewedit.shtm...

CVSS 8.8 | AI score 8.3 | EPSS 0.39356
Exploits: 8 | References: 7 | Affected Software: 1

BDU FSTEC
added 2021/06/29 12:00 a.m. | 1 views

The vulnerability of the elFinder file manager stems from the incorrect implementation of authentication mechanisms, allowing attackers to execute arbitrary code.

The vulnerability of the elFinder file manager is related to the unlimited loading of files of a dangerous type. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created .phar file...

CVSS 8.1 | AI score 8.2 | EPSS 0.19083
Exploits: 1 | References: 6 | Affected Software: 1

OSV
added 2021/06/28 1:15 a.m. | 1 views

CVE-2021-20745

Inkdrop versions prior to v5.3.1 allow an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop...

CVSS 7.8 | AI score 7.4
Exploits: 0 | References: 3

Friends Of PHP
added 2021/06/16 4:20 p.m. | 32 views

Untrusted code may be run from an overridden address validator

This is a security release. SECURITY Fixes CVE-2021-34551, a complex RCE affecting Windows hosts. See SECURITY.md for details. The fix for this issue changes the way that language files are loaded. While they remain in the same PHP-like format, they are processed as plain text, and any code in th...

CVSS 8.1 | AI score 8 | EPSS 0.02803
Exploits: 1 | Affected Software: 1

NVD
added 2021/06/12 10:15 a.m. | 14 views

CVE-2021-31811

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions...

CVSS 5.5 | EPSS 0.03445
Exploits: 0 | References: 17

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the database update module of the Engineering Data and Product Lifecycle Management System LOCMAN:PLM, related to unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.

The vulnerability of the Active Business Process Automation Module of LOCMAN WorkFlow Audit Service is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow attackers to execute arbitrary code by replacing the dll library e.g., msimg32.dll in the...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the database update module of the Engineering Data and Product Lifecycle Management System LOCMAN:PLM, related to unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.

The vulnerability of the database update module of the LOCMAN:PLM engineering data and product lifecycle management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow attackers to execute arbitrary code by replacing the wsock32.dll library with...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the update display module of the engineering data management system and the product lifecycle management system LOCMAN, related to unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.

The vulnerability of the update display module of the engineering data management and product lifecycle management system LOCMAN:PLM is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker to execute arbitrary code by replacing the dll library e.g...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 2 views

The vulnerability of the module for creating and saving structured information about company departments in the “LOCMAN Reference Guide for Structural Departments” system, which manages engineering data and the product lifecycle of LOCMAN:PLM, arises from the possibility of unlimited loading of dangerous files. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the module responsible for creating and saving structured information about company departments in the “LOCMAN Reference Guide for Structural Departments” system, which manages engineering data and the product lifecycle of LOCMAN:PLM, relates to the unlimited loading of...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the module for creating, editing, and saving diagrams of typical and business processes, determining process properties, and creating lists of associated objects, “LOCMAN WorkFlow Designer”, of the engineering data management and product lifecycle management system LOCMAN:PLM is related to the unlimited loading of dangerous type files, allowing attackers to execute arbitrary code.

The vulnerability of the module responsible for creating, editing, and saving diagrams of typical and working business processes, as well as defining properties of these processes, and creating lists of associated objects in the “LOCMAN Workflow Designer” system for managing engineering data and...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the database update module of the WorkFlow system in the Engineering Data Management and Product Lifecycle Management system LOCMAN:PLM lies in the possibility of unlimited loading of dangerous files, allowing attackers to execute arbitrary code.

The vulnerability of the database update module of the LOCMAN:PLM engineering data and product lifecycle management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow an attacker to execute arbitrary code by replacing the dll library version.dl...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the development module for construction route planning in the “LOCMAN Construction Planner” tool of the Engineering Data Management and Product Lifecycle Management system LOCMAN:PLM lies in the unlimited loading of files of a dangerous type, allowing attackers to execute arbitrary code.

The vulnerability of the development module for manufacturing route planning in the “LOCMAN Rascex” product, within the engineering data management and product lifecycle management system LOCMAN:PLM, relates to the unlimited loading of dangerous files. Exploiting this vulnerability could allow...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the “LOCMAN Configurator” module of the engineering data and product lifecycle management system LOCMAN:PLM, which is related to the unlimited loading of dangerous type files, allows a perpetrator to execute arbitrary code.

The vulnerability of the “LOCMAN Configurator” module of the engineering data and product lifecycle management system LOCMAN involves unlimited loading of dangerous files. Exploiting this vulnerability can allow attackers to execute arbitrary code by replacing the dll libraries such as...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2021/06/09 12:00 a.m. | 1 views

The vulnerability of the application loading optimization service for servers in enterprises with a large number of users lies in the “Balancing Service” of the Engineering Data Management and Product Lifecycle system LOCMAN:PLM. This service allows unauthorized users to execute arbitrary code due to the unlimited loading of dangerous files.

The vulnerability of the application loading optimization service for servers in enterprises with a large number of users is related to unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker to execute arbitrary code by replacing DLL libraries such as DNSAPI.dll in...

CVSS 6.8 | AI score 6
Exploits: 0 | Affected Software: 1

CNNVD
added 2021/04/29 12:00 a.m. | 19 views

fluidsynth resource management error vulnerability

fluidsynth is an application system for generating audio by reading and processing MIDI events from MIDI input devices using SoundFont. A resource management error vulnerability exists in fluidsynth, which stems from a use-after-free condition, and may be triggered when loading an...

CVSS 7.2 | AI score 6.4 | EPSS 0.00939
Exploits: 1 | References: 5

BDU FSTEC
added 2021/04/21 12:00 a.m. | 2 views

The vulnerability of the Knowledge Management component of the SAP NetWeaver software integration platform allows a perpetrator to gain access, modify, or make existing files inaccessible.

The vulnerability of the Knowledge Management component of the SAP NetWeaver software integration platform is related to the absence of restrictions on file loading. Exploiting this vulnerability allows a malicious actor to remotely gain access, modify, or make existing files inaccessible using a...

CVSS 7.5 | AI score 6.9 | EPSS 0.00934
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2021/03/21 12:00 a.m. | 3 views

The vulnerability of the rebuildAggregateFrames function in the library for reading and modifying metadata in audio files from TagLib allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the rebuildAggregateFrames function in the library for reading and modifying metadata in audio files from TagLib is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...

CVSS 8.8 | AI score 6.6 | EPSS 0.02207
Exploits: 0 | References: 9 | Affected Software: 3

BDU FSTEC
added 2021/03/02 12:00 a.m. | 1 views

The vulnerability of the Magento Commerce software platform for developing and managing online stores lies in its ability to allow unlimited loading of dangerous files, enabling attackers to execute arbitrary code.

The vulnerability of the Magento Commerce software platform for developing and managing online stores is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9.1 | AI score 8.1 | EPSS 0.04213
Exploits: 1 | References: 3 | Affected Software: 2