Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35413)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to send a specially crafted file and execute arbitrary code on the target system...

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35411)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass specially crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code o...

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35415)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

Accusoft ImageGear out-of-bounds write vulnerability (CNVD-2022-35417)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear that originates from a boundary error when handling untrusted input in the TIFF YCbCr image parser function. An attacker can exploit the vulnerabilit...

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35414)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

Microsoft Office Visio Remote Code Execution Vulnerability (CNVD-2022-20139)

Microsoft Office is an office software suite of products from Microsoft Corporation USA. Microsoft Office Visio is vulnerable to remote code execution. The vulnerability is due to a boundary error in the processing of EMRCOMMENTEMFPLUS records in EMF images. A remote attacker could exploit this...

Microsoft Word 2016 Tampering Vulnerability (KB5002139)

This host is missing a critical security update according to Microsoft KB5002139. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

Microsoft Word 2013 Service Pack 1 Tampering Vulnerability (KB5002068)

This host is missing a critical security update according to Microsoft KB5002068 Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Code injection

In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state...

CVE-2022-0675

In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state...

Dell Vnx2 Oe For File OS Command Injection Vulnerability

Dell Vnx2 Oe For File is an operating environment from Dell USA. The Dell Vnx2 Oe For File suffers from an operating system command injection vulnerability that originates from incorrect input validation. A remote attacker could use this vulnerability to send a special request and execute arbitra...

CVE-2021-43859

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulatin...

Huawei AIS-BW80H-00 Command Injection Vulnerability

Huawei AIS-BW80H-00 is a smart speaker device from Huawei China. Huawei AIS-BW80H-00 is vulnerable to a command injection vulnerability caused by the device's inability to effectively defend against malicious outside interference. A local attacker could exploit the vulnerability to pass specially...

Apache Karaf code issue vulnerability (CNVD-2022-14707)

Apache Karaf is the United States Apache Apache Foundation for the deployment of applications and components of a lightweight OSGi Java Dynamic Modular System container. Apache Karaf suffers from a code issue vulnerability that stems from insecure input validation when handling serialized data,...

Acer Care Center 代码问题漏洞

Acer Care Center is a system care center from Acer China that backs up or restores your system settings and network drivers to prevent the effects of system failure. Acer Care Center has a security vulnerability that can be exploited by an attacker by placing a malicious DLL file on the target...

Apache log4j JMSSink deserialization code execution vulnerability

Apache Log4j is a Java-based open source logging tool from the Apache Foundation. Apache log4j JMSSink is vulnerable to deserialized code execution. The vulnerability stems from insecure input validation when the program is processing serialized data. A remote attacker could exploit the...

Microsoft Windows IKE Extension Denial of Service Vulnerability

Microsoft Windows is a windowed operating system developed by Microsoft Corporation. A denial-of-service vulnerability exists in Microsoft Windows IKE Extension, which can be exploited by attackers to cause the target system to stop responding...

Google Chrome Resource Management Error Vulnerability (CNVD-2022-14876)

Google Chrome is a Web browser from Google, Inc. A resource management error vulnerability exists in Google Chrome, which stems from repeated calls to freed resources by the product's login component. A remote attacker could use this vulnerability to create a specially crafted web page, trick a...

Adobe Media Encoder memory corruption vulnerability

A memory corruption vulnerability exists in Adobe Media Encoder, an audio and video encoding application from Adobe, which stems from a boundary error when handling untrusted input. An attacker could use this vulnerability to trigger memory corruption and execute arbitrary code on the target syst...

Foxit PDF Reader and Foxit PDF Editor Buffer Overflow Vulnerability

Foxit PDF Reader is China Foxit Foxit company a PDF reader. A buffer overflow vulnerability exists in Foxit PDF Reader and Foxit PDF Editor, which results from a boundary error when processing PDF files. An attacker can exploit this vulnerability to create a carefully constructed PDF file, trick...