53 matches found
SUSE-SU-2026:21944-1 Security update for vim
This update for vim fixes the following issues - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim bsc1264706. - CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile via crafted filename bsc1265349. -...
SUSE-SU-2026:21859-1 Security update for vim
This update for vim fixes the following issues - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...
Siemens Solid Edge Multiple File Parsing Vulnerabilities (SSA-921111)
The version of Siemens Solid Edge installed on the remote Windows host is SE2026 prior to V226.0 Update 5. It is, therefore, affected by multiple file parsing vulnerabilities: - The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An...
EUVD-2026-29436
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
CVE-2026-44411
Solid Edge SE2026 is affected (versions
PT-2026-39993
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
PT-2026-39992
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current...
Delta Electronics ASDA-Soft
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...
CVE-2026-2331 CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
CVE-2026-2331 CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
CVE-2026-2331
CVE-2026-2331 describes unauthenticated read/write access to sensitive filesystem areas via AppEngine Fileaccess over HTTP caused by improper access restrictions. A critical filesystem directory was exposed through the HTTP-based file access feature, allowing access without authentication. Impact...
PT-2026-23660
Name of the Vulnerable Software and Affected Versions AppEngine affected versions not specified Description An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical...
CVE-2025-40740
A vulnerability has been identified in Solid Edge SE2025 All versions V225.0 Update 5. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the curre...
PT-2024-9629 · Siemens · Solid Edge
Name of the Vulnerable Software and Affected Versions: Solid Edge SE2024 versions prior to V224.0 Update 10 Description: The issue is related to an integer underflow vulnerability when processing PAR files. This could allow an attacker to execute code in the context of the current process. The...
JPress 代码注入漏洞
JPress is a blogging platform developed in Java language by JPress team. A code injection vulnerability exists in JPress version 5.1.2, which stems from the parameter files being vulnerable to cross-site scripting attacks...
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...
ELADMIN 安全漏洞
ELADMIN is a backend management system for elunez individual developers. A security vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from some unknown handling of files in the component database management/deployment management, where manipulation of parameter files can lead ...
PHPVibe Code Issue Vulnerability
PHPVibe is a free video management system from PHPVibe, Inc. A code issue vulnerability exists in PHPVibe version 11.0.46, which stems from a manipulation of parameter files that can lead to unrestricted file uploads...
CVE-2024-34771
A vulnerability has been identified in Solid Edge All versions V224.0 Update 2. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
PT-2024-3673 · Siemens · Siemens Solid Edge
Name of the Vulnerable Software and Affected Versions: Siemens Solid Edge versions prior to V224.0 Update 4 Description: The issue is related to an out of bounds read in memory, which can be triggered by parsing specially crafted PAR files. This could allow an attacker to execute arbitrary code i...