1835 matches found
CVE-2023-47541
Fortinet FortiSandbox is affected by CVE-2023-47541, a path traversal flaw caused by improper limitation of a pathname to a restricted directory that allows a local attacker to execute unauthorized code or commands via the CLI. Affected FortiSandbox versions include 2.0.0–2.0.3, 2.1.0–2.1.3, 2.2....
CVE-2023-45590
An improper control of generation of code 'code injection' in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via tricking a FortiClientLinux user into visiting a malicious website...
CVE-2023-45590
Fortinet FortiClientLinux contains an improper control of code generation (CWE-94) that can lead to remote code execution when a user visits a malicious website. Affected versions include FortiClientLinux 7.0.3–7.0.4, 7.0.6–7.0.10, and 7.2.0. Fortinet’s advisories and vendor-sec patches recommend...
Fortinet FortiSandbox 操作系统命令注入漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. The Fortinet FortiSandbox is vulnerable to an operating system command injecti...
Fortinet FortiSandbox 路径遍历漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. Fortinet FortiSandbox suffers from a path traversal vulnerability that can be...
Fortinet FortiProxy 安全漏洞
Fortinet FortiProxy is a secure network proxy from Fortinet that protects employees from cyberattacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP, anti-virus, intrusion prevention, and advanced threat protection.FortiProxy helps reduce bandwidth...
Fortinet FortiSandbox 路径遍历漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A path traversal vulnerability exists in Fortinet FortiSandbox, which stems fr...
Rockwell Automation Arena Simulation Software Heap Buffer Overflow Vulnerability
Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A heap buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to...
CVE-2024-2929
A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code on the system. This...
CVE-2024-21919
An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. Once inside, the threat actor can run harmful code on the system. This affects the...
CVE-2024-21912
An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code ...
CVE-2024-21913
A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can ru...
CVE-2024-21918
A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. Once inside, the threat actor can run harmful code on the system. This...
CVE-2024-2929 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code on the system. This...
CVE-2024-2929
Summary: CVE-2024-2929 concerns Rockwell Automation Arena Simulation software with memory corruption flaws due to buffer-related issues that can lead to unauthorized code execution if a user opens a malicious file. The vulnerability family includes multiple memory-corruption variants (out-of-boun...
CVE-2024-2929 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code on the system. This...
CVE-2024-21919 Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer
An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. Once inside, the threat actor can run harmful code on the system. This affects the...
CVE-2024-21919 Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer
An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. Once inside, the threat actor can run harmful code on the system. This affects the...
CVE-2024-21919
The CVE-2024-21919 entry concerns Rockwell Automation Arena Simulation Software with an uninitialized pointer access vulnerability. Affected product: Arena Simulation Software (version 16.00 listed; later patch 16.20.03 is recommended). Root cause: uninitialized pointer accessible during operatio...
CVE-2024-21918 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. Once inside, the threat actor can run harmful code on the system. This...