306 matches found
Apache Struts2 REST plugin remote code execution vulnerability
Struts2 is an open source web application framework based on the MVC design pattern, maintained by the Apache Software Foundation. The Apache Struts2 REST plugin has a remote code execution vulnerability due to the use of the XStream component on the XML format of the packe...
Advantech WebAccess Heap Buffer Overflow Vulnerability
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess suffers from a heap buffer overflow...
Delta Industrial Automation WPLSoft dvp file heap buffer overflow vulnerability (CNVD-2017-228238)
Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A heap buffer overflow vulnerability exists in the Delta Industrial Automation WPLSoft dvp file. Due to a failure to...
Delta Industrial Automation WPLSoft dvp file heap buffer overflow vulnerability (CNVD-2017-228165)
Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A heap buffer overflow vulnerability exists in the Delta Industrial Automation WPLSoft dvp file due to a failure to valida...
Internet Explorer browser vulnerability that allows a malicious individual to execute arbitrary code or trigger a service failure
Internet Explorer contains a vulnerability in the CFormatCache::AddRefData function, which is related to the lack of validation of data entered by users. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code...
Wireshark UMTS FP Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. In Wireshark 1.12.x prior to 1.12.9, the function dissect_hsdsch_channel_info in epan/dissectors/packet-umts_fp.c in the UMTS FP parser does not validate the number of PDUs, and by constructing a packet, a remote attacker can exploit this...