CVE-2025-27681

Vasion Print formerly PrinterLogic before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004...

CVE-2025-27681

Vasion Print formerly PrinterLogic before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004...

CVE-2025-27681

Vasion Print formerly PrinterLogic before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004...

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from improper client-side inter-process security handling...

CVE-2025-27681

CVE-2025-27681 affects Vasion Print (formerly PrinterLogic) prior to Virtual Appliance Host 1.0.735 Application 20.0.1330. The root cause is described as mishandling of Client Inter-process Security V-2022-004, leading to a critical impact across confidentiality, integrity, and availability. CVSS...

CVE-2025-27681

Vasion Print formerly PrinterLogic before Virtual Appliance Host 1.0.735 Application 20.0.1330 mishandles Client Inter-process Security V-2022-004...

CVE-2023-34309

The CVE-2023-34309 issue affects Ashlar-Vellum Cobalt. A flaw in the CO file parser occurs from insufficient validation of a user-supplied value before it is dereferenced as a pointer, enabling arbitrary code execution in the current process. Exploitation requires user interaction (visiting a mal...

Siemens Teamcenter Visualization and JT2Go Heap Buffer Overflow Vulnerability (CNVD-2023-69809)

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A heap buffer overflow vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code ...

Python -- multiple vulnerabilities

Python reports: gh-103142: The version of OpenSSL used in Windows and Mac installers has been upgraded to 1.1.1u to address CVE-2023-2650, CVE-2023-0465, CVE-2023-0466, CVE-2023-0464, as well as CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 fixed previously in 1.1.1t gh-101727. gh-102153:...

Default credentials

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Gifloader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an...

Memory corruption

In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec8 or killall1, calls jailattach2 to enter a jail, the jailed root can attach to it using ptrace2 before the current working directory is changed...

grub2 安全漏洞

grub2 is a Linux system boot program from the GNU community. GRUB2 has a security vulnerability that allows grub to be booted directly if a certificate signing grub is installed into the db. it can then boot any kernel without signature verification...

Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of P...

Microsoft Azure Sphere Normal World application READ_IMPLIES_EXEC personality unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.06. A specially crafted shellcode can cause a process’ heap to become executable. An attacker can execute a shellcode that sets the READIMPLIESEXEC personality to...

FF Sandbox Escape (CVE-2020-12388)

By James Forshaw, Project Zero In my previous blog post I discussed an issue with the Windows Kernel’s handling of Restricted Tokens which allowed me to escape the Chrome GPU sandbox. Originally I’d planned to use Firefox for the proof-of-concept as Firefox uses the same effective sandbox level a...

Adobe FrameMaker CEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CE...

CryKeX - Linux Memory Cryptographic Keys Extractor

CryKeX - Linux Memory Cryptographic Keys Extractor Properties: Cross-platform Minimalism Simplicity Interactivity Compatibility/Portability Application Independable Process Wrapping Process Injection Dependencies: Unix - should work on any Unix-based OS BASH - the whole script root privileges...

CVE-2017-17052

The mminit function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the -exefile member of a new process's mmstruct, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program...

Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap

Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=928 Bitmap objects can be passed between processes by flattening them to a Parcel in one process and un-flattening them in another. In order...

Apple QuickTime mvhd Atom Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...