EUVD-2016-5290

Malware in sbrugna...

Vulnerabilities fixed in Rockwell Automation Arena

Rockwell Automation has fixed vulnerabilities in Arena Simulation. The vulnerabilities are in the way Arena Simulation processes files, with this it is possible to manipulate and read memory. The vulnerabilities allow malicious actors to reveal sensitive information and execute arbitrary code whe...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality is related to the occurrence of operations outside the buffer during the processing of PRC files. Exploiting this vulnerability can allow an attacker to disclose protected information...

CVE-2024-4593

CVE-2024-4593 concerns DedeCMS 5.7, where the vulnerability lies in the file /src/dede/sys_multiserv.php. The issue is described as a cross‑site request forgery (CSRF) that can be triggered remotely, with the exploit publicly disclosed. Several connected sources consistently identify the affected...

Code injection

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Processing a file may lead to unexpected app termination or arbitrary code execution...

Apple macOS Ventura 代码注入漏洞

Apple macOS Ventura is a desktop operating system by Apple Inc. A security vulnerability exists in Apple macOS Ventura, which originates from processing files that could lead to unexpected application termination or arbitrary code execution...

PT-2022-18567 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS affected versions not specified Description: A problematic issue has been found in the SourceCodester Company Website CMS, affecting the processing of the file /dashboard/contact. The manipulation of the pho...

CVE-2020-11999

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

The vulnerability of the Microsoft Project project management software allows a remote attacker to execute arbitrary code and gain control over the system.

Microsoft Project software has vulnerabilities related to errors that occur during the processing of specially crafted files. Exploiting these vulnerabilities allows a malicious attacker to execute arbitrary code and gain full control over the system...

JVN#44392991: Security File Manager vulnerable to directory traversal

Security File Manager provided by CGENE Inc contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has...