9 matches found
CVE-2023-54338 Tftpd32_SE 4.60 - 'Tftpd32_svc' Unquoted Service Path
Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be run with system-level...
Tftpd32 SE Code Issue Vulnerability
Tftpd32 SE is an IPv4 web server suite from the open source Tftpd project. A code issue vulnerability exists in Tftpd32 SE version 4.60, which stems from unquoted service paths and could lead to a local attacker executing arbitrary code with elevated privileges...
CVE-2025-66034 fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib
fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib or python3 -m fontTools.varLib script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The...
PT-2025-48353
Name of the Vulnerable Software and Affected Versions: fontTools versions 4.33.0 through 4.60.1 Description: fontTools is a Python library used for manipulating fonts. A flaw exists in the fontTools.varLib script, specifically within the main code path, which can lead to arbitrary file write and...
live helper chat Security Vulnerability
Live Helper Chat is an open source plugin by an individual developer that supports online chat and provides chat functionality for web platforms. A security vulnerability exists in live helper chat version v4.60, which stems from insufficient validation of the Surname parameter inpu...
DataGear Injection Vulnerability
DataGear is an open source and free data visualization and analysis platform from DataGear, Inc. An injection vulnerability exists in DataGear version 4.60 and earlier versions, which stems from an incorrect manipulation of the parameter sql that can lead to SQL injection...
PT-2023-19520 · Irfanview · Irfanview
Name of the Vulnerable Software and Affected Versions: IrfanView version 4.60 Description: The issue is related to improper input validation in the PDF.dll plugin, which allows attackers to execute arbitrary code when a crafted PDF file is opened. Recommendations: For IrfanView version 4.60,...
PT-2023-16408 · Unknown · Cscape Envision Rv
Name of the Vulnerable Software and Affected Versions: Cscape Envision RV version 4.60 Description: The issue arises from a lack of proper validation of user-supplied data when parsing project files, leading to an out-of-bounds write vulnerability. This could result in writes past the end of...
CVE-2020-27261
The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code...