262 matches found
Advisory ROSA-SA-2023-2317
Software: libinput 1.16.3 OS: ROSA Virtualization 2.1 packageevrstring: libinput-1.16.3-3.rv3.src.rpm CVE-ID: CVE-2022-1215 BDU-ID: 2022-02695 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the evdevlogmsg function of the libinput library's libinput implementation of the X.Org and Wayland display...
VulnCheck KEV: CVE-2023-7101
Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings within the Excel parsing logic...
DEBIAN-CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
UBUNTU-CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
Format string
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101 Arbitrary Code Execution (ACE) Vulnerability
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101 Arbitrary Code Execution (ACE) Vulnerability
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
The vulnerability of the cm_processChangedConfigMsg function in ASUS’ Wi-Fi router microprogramming systems, such as the RT-AX56U V2 and RT-AC86U models, allows a hacker to execute arbitrary code or cause malfunctions in the device.
The vulnerability of the cmprocessChangedConfigMsg function in ASUS’ Wi-Fi router microprogramming systems, such as the RT-AX56U V2 and RT-AC86U models, is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause...
The vulnerability of the STST TA component in Samsung Teegris’ Android operating system allows a hacker to execute arbitrary code.
The vulnerability of the STST TA component in Samsung Teegris’ Android operating system security system is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2023-41349
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...
CVE-2023-41349
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...
The vulnerability of the iperf function in the application software interface for ASUS RT-AX55, RT-AX56U, and RT-AC86U routers allows a hacker to execute arbitrary code.
The vulnerability of the iperf function in the application programming interface for ASUS RT-AX55, RT-AX56UV2, and RT-AC86U routers is related to the use of uncontrolled format strings. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially created data...
The vulnerability of the application software interface of ASUS RT-AX55, RT-AX56U, and RT-AC86U allows a hacker to execute arbitrary code.
The vulnerability of the application software interface of ASUS RT-AX55, RT-AX56UV2, and RT-AC86U lies in the use of uncontrolled format strings. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially created data...
The vulnerability of the microprogrammed software of Wi-Fi routers ASUS RT-AC86U and RT-AX56U allows a hacker to execute arbitrary code.
The vulnerability of ASUS’ Wi-Fi router software, RT-AC86U and RT-AX56U, is related to the use of uncontrolled format strings. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the command-line interface of FortiOS operating systems and the FortiProxy proxy server, related to the use of uncontrolled format strings, allows attackers to execute arbitrary code.
The vulnerability of the command-line interface of FortiOS operating systems and the FortiProxy proxy server for protecting against Internet attacks is related to the use of uncontrolled format strings. Exploiting this vulnerability allows a attacker to execute arbitrary code using specially...
CVE-2023-25096
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
PT-2023-2696 · Microsoft · Remote Desktop Client +2
Name of the Vulnerable Software and Affected Versions: Windows 10 version 22H2 Description: The issue exists due to insufficient input validation in the Remote Desktop Client of the Windows operating system. This allows an attacker to execute arbitrary code, potentially impacting the system. The...