5602 matches found
CVE-2022-29030
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The MonoLoader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An...
CVE-2022-29030
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The MonoLoader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An...
CVE-2022-29028
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The TiffLoader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker...
CVE-2022-29033
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The CGMNISTLoader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. A...
CVE-2022-29033
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The CGMNISTLoader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. A...
CVE-2022-29028
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The TiffLoader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker...
CVE-2022-29031
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The CGMNISTLoader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An...
CVE-2022-29029
A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The CGMNISTLoader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An...
Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang
The inner workings of a cybercriminal group known as the Wizard Spider have been exposed, shedding light on its organizational structure and motivations. "Most of Wizard Spider's efforts go into hacking European and U.S. businesses, with a special cracking tool used by some of their attackers to...
The vulnerability of the Android operating system’s kernel loader, allowing a hacker to execute arbitrary code
The vulnerability of the Android operating system’s kernel loader is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
GHSA-87R7-Q54J-F9QG OpenStack Murano Code Execution
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
GHSA-VPR3-F594-MG5G Improper Control of Generation of Code ('Code Injection') in Spring Framework
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs0=jar: followed by a URL of a crafted .jar file...
Das U-Boot 安全漏洞
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot, which stems from nfslookupreply in net/nfs.c having an infinite...
Process_Overwriting - Yet Another Variant Of Process Hollowing
Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading Process Hollowing aka RunPE is an old and popular PE injection technique. It comes in has variety of flavors, but there are some steps in common: 1. Start by creating a process in a...
The vulnerability of the configuration file loader for WebUI devices of PHOENIX CONTACT RAD-ISM-900-EN-* allows a attacker to execute arbitrary code with root privileges.
The vulnerability of the configuration file loader for WebUI devices of PHOENIX CONTACT RAD-ISM-900-EN- exists due to insufficient checks on the integrity of the firmware. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with root privileges...
CVE-2021-26361
A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure...
Information disclosure
A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure...
AMD System Management Unit 缓冲区错误漏洞
The AMD System Management Unit SMU is a system management unit of AMD Corporation. A security vulnerability exists in the AMD System Management Unit that originates from memory and code execution corruption due to the use of a malicious or compromised UApp or ABL to issue a malformed system call ...
PT-2022-9737 · Amd · Agesa Boot Loader +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage...
VulnCheck KEV: CVE-2014-0094
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method...