2680 matches found
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file...
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
CVE-2024-36600
Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file...
AEGON LIFE v1.0 Life Insurance Management System - Remote Code Execution Vulnerability
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEGON LIFE...
PT-2024-4422
Name of the Vulnerable Software and Affected Versions libcdio version 2.1.0 Description The issue is related to a buffer overflow vulnerability in the ISO 9660 Image File Handler component of the libcdio library. This vulnerability can be exploited to execute arbitrary code via a crafted ISO 9660...
Apple macOS Monterey Security Vulnerability
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Monterey version 12.5, which stems from the handling of maliciously crafted tiff files that could lead to arbitrary code execution...
Fedora: Security Advisory for qt5-qtimageformats (FEDORA-2024-2e27372d4c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2022-1115
A heap-buffer-overflow flaw was found in ImageMagick's PushShortPixel function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service...
RHEL 8 : exiv2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exiv2: buffer overflow in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmnint.cpp CVE-2020-18771 ...
RHEL 7 : binutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: NULL pointer dereference in bfdelffinallink function CVE-2017-7614 - The bfdvmssavesizedstring...
PT-2024-6424 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open...
CVE-2023-37340
Kofax Power PDF PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
PDF-XChange Editor 安全漏洞
PDF-XChange Editor is a PDF file viewing software from PDF-XChange, Inc. that runs on Microsoft Windows systems. A security vulnerability exists in PDF-XChange Editor, which originates from a JPG File Parsing Out-of-Bounds Write Remote Code Execution vulnerability...
PDF-XChange Editor 安全漏洞
PDF-XChange Editor is a PDF file viewing software from PDF-XChange, Inc. that runs on Microsoft Windows systems. A security vulnerability exists in PDF-XChange Editor, which originates from a TIF File Parsing Post-Release Reuse Information Disclosure vulnerability...
CVE-2023-7064
The CVE-2023-7064 entry concerns the WordPress plugin Shortcodes and extra features for Phlox theme (auxin-elements). It describes a PHP Object Injection vulnerability via deserialization of untrusted input from the vulnerable id parameter in the function auxin_template_control_importer, affectin...
CVE-2023-7064 Shortcodes and extra features for Phlox theme <= 2.17.5 - Authenticated (Subscriber+) PHP Object Injection via auxin_template_control_importer
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.17.5 via deserialization of untrusted input from the vulnerable 'id' parameter in the 'auxintemplatecontrolimporter' function. This makes it possibl...
libtiff: infinite loop via a crafted TIFF file
A flaw was found in the libtiff library. This issue allows an attacker who can submit a specially crafted file to an application linked with libtiff to cause an infinite loop, resulting in a denial of service...
libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash...
Fedora 40 : mingw-qt6-qt3d / mingw-qt6-qt5compat / mingw-qt6-qtactiveqt / etc (2024-7f2064f068)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-7f2064f068 advisory. Update to qt-6.6.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for thi...