92 matches found
CVE-2021-41544
A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...
CVE-2021-41544
A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...
Path traversal
A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...
CVE-2021-41544
A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...
CVE-2021-41544
A vulnerability has been identified in Siemens Software Center All versions V3.0. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path...
PT-2023-5571 · Siemens · Siemens Software Center
Name of the Vulnerable Software and Affected Versions: Siemens Software Center versions prior to V3.0 Description: A DLL Hijacking issue could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path. This is relat...
Siemens Software Center 代码问题漏洞
Siemens Software Center allows the download, installation and activation of purchased software. A DLL hijacking vulnerability exists in Siemens Software Center, which can be exploited by an attacker to execute code with elevated privilege by placing a malicious DLL in a directory on the DLL searc...
​Siemens Software Center
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
CVE-2021-3806
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...
CVE-2021-3806
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...
Path traversal
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...
CVE-2021-3806 Path Traversal in Pardus Software Center
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...
CVE-2021-3806
CVE-2021-3806 describes a path traversal vulnerability in Pardus Software Center’s extractArchive function. An attacker on the same network could leverage this to perform a man-in-the-middle and write files on the system. Reported across multiple sources (NVD entry, CVE listings, and PT-Security ...
Pardus 软件中心 路径遍历漏洞
Pardus is a Turkish Linux distribution. A security vulnerability exists in the center of the Pardus software, which stems from a path traversal vulnerability due to a lack of effective filtering of parameters in the extractArchive feature of the software, which could allow anyone on the same...
The vulnerability of the set function in the object-path library of the Aurora Application Software Center, related to uncontrolled changes to prototype attributes of objects, allows attackers to execute a “prototype pollution” attack.
The vulnerability of the set function in the object-path library of the Aurora application software is related to uncontrolled changes in object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute an “infection of the prototype” attack...
The vulnerability of the PostCSS library in Aurora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the PostCSS application library in Aurora Software Center, related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the y18n application library at Avora Center lies in the uncontrolled modification of object prototypes’ attributes, allowing attackers to execute “prototype pollution” attacks.
The vulnerability of the y18n application library in Aurora Software Center is related to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute a “prototype contamination” attack remotely...
The vulnerability of the set function in the set-value library of the Afroara Application Software Center, related to uncontrolled changes in object prototypes’ attributes, allows attackers to execute a “prototype pollution” attack.
The vulnerability of the set function in the set-value library of the Afroa Application Software is related to uncontrolled changes in object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to carry out a “prototype contamination” attack...
Micro Focus Fortify software security center cross-site scripting vulnerability
Micro Focus Fortify Software Security Center SSC is a software lifecycle security management solution. A cross-site scripting vulnerability exists in Micro Focus Fortify software security center versions 18.1 and 18.2. The vulnerability stems from a web application that lacks proper validation of...
PostgreSQL -- anonymous remote access data corruption vulnerability
PostgreSQL project reports: The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. Al...