45 matches found
CVE-2026-37711
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/actionsaddupdatedelete.inc.php...
CVE-2025-8998
It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account...
PT-2025-46312
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A flaw exists that allows the upload of files with a specific name to a temporary directory. This can lead to process crashes and reduced usability. Exploitation requires authentication with an...
EUVD-2019-0618
Malware in sbrugna...
EUVD-2009-3421
Malware in sbrugna...
EUVD-2023-46210
Malicious code in bioql PyPI...
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
CVE-2023-30212
OURPHP = 7.2.0 is vulnerale to Cross Site Scripting XSS via /client/manage/ourphpout.php...
CVE-2019-19250
OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js...
Adobe Photoshop 安全漏洞
Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. A heap buffer overflow vulnerability exists in Adobe Photoshop Desktops. The vulnerability is due to a failure to perform strict checksums on memory...
CVE-2024-45841
Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...
CVE-2024-50804
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the DeviceDeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder...
CVE-2024-1574
Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...
CVE-2023-4256
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpeditdltcleanup function within plugins/dltplugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a...
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
Design/Logic Flaw
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
CVE-2023-41718
When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file...
Remote code execution
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...