124 matches found
ROS-20240402-19
A vulnerability in the VMware Tools suite for Windows operating systems is related to a flaw in the authorization procedure. of authorization. Exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges VMware Tools s utility suite vulnerability is relate...
CVE-2023-46427
An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial of service DoS, and obtain sensitive information via null pointer deference in gfdashsetupperiod component in mediatools/dashclient.c...
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a malicious actor to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...
Denial Of Service (DoS)
vorbis-tools is vulnerable to Denial Of Service DoS. The vulnerability exists due to the buffer overflow in the library, which allows an attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files...
AZL-31304 CVE-2023-44487 affecting package cri-tools for versions less than 1.28.0-2
The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
VMware Releases Security Update for Tools
VMware has released a security update to address a vulnerability in VMware Tools. A cyber threat actor can exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0019link is external and apply the necessary...
PT-2023-3080 · Vmware +10 · Vmware Tools +13
Name of the Vulnerable Software and Affected Versions: VMware Tools versions prior to 12.2.5 VMware vCenter affected versions not specified Description: A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integri...
priyanshbot12 (=1.0.2) potentially affected by unknown CVE via fb-tools (=0.0.1-security)
fb-tools NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on fb-tools and may be impacted: - priyanshbot12 =1.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2023-327...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc. A type-mangling vulnerability exists in versions prior to Google Chrome 111.0.5563.64, which stems from a type-mangling issue in the DevTools component. A remote attacker could exploit this vulnerability to cause heap corruption via crafted UI...
The vulnerability of the design and preparation of 3D-printing objects, related to insufficient verification of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the design and preparation tools for 3D printing is related to insufficient verification of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2780)
According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - nfslookupreply in net/nfs.c in Das U-Boot through 2022.04 and through 2022.07-rc2 has an unbounded memcpy with a failed length check, leadin...
The vulnerability in the developer tools of browsers like Google Chrome and Microsoft Edge allows a hacker to bypass existing security restrictions and expose sensitive information.
The vulnerability of developer tools for web developers in Google Chrome and Microsoft Edge is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and expose sensitive information through a specially created...
CVE-2022-41973
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...
Privilege escalation
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...
CVE-2022-41973
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...
CVE-2022-41974
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...
Oracle JD Edwards EnterpriseOne Tools 安全漏洞
Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products offer application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD Edwards' JD Edward...
Oracle JD Edwards Products 跨站脚本漏洞
Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products provide application modules for financial management, project management, and asset lifecycle management. A cross-site scripting vulnerability exists in Oracle JD...
USN-5578-1 open-vm-tools vulnerability
It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in Tools. A remote attacker could likely exploit the vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0024 and apply the necessary update. Thi...