SK Hynix DDR5 安全漏洞

SK Hynix DDR5 is a double data rate synchronous dynamic random access memory from SK Hynix South Korea. A security vulnerability exists in SK Hynix DDR5 versions 2021-1 through 2024-12, which originates from a local attacker who can trigger a Rowhammer bit flip, potentially impacting hardware...

Dassault Systèmes 3DEXPERIENCE 操作系统命令注入漏洞

Dassault Systèmes 3DEXPERIENCE is a business and innovation platform from Dassault Systèmes France. An operating system command injection vulnerability exists in Dassault Systèmes 3DEXPERIENCE versions R2021x through 3DEXPERIENCE R2023x, which stems from a specially crafted HTTP request that coul...

CVE-2023-2763

Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while...

SolidWorks 资源管理错误漏洞

SolidWorks is a 3D CAD software from SolidWorks that runs on the Microsoft Windows platform. A security vulnerability exists in SolidWorks versions 2021 through 2023, which stems from a post-release reuse, out-of-bounds write, and heap-based buffer overflow vulnerability during file reads that...

SolidWorks 资源管理错误漏洞

SolidWorks is a 3D CAD software from SolidWorks that runs on the Microsoft Windows platform. A security vulnerability exists in SolidWorks versions 2021 through 2023, which stems from the presence of a post-release reuse vulnerability during file reading that could allow an attacker to execute...

PT-2023-14803 · Comcast Defined Technologies · Microeisbss

Name of the Vulnerable Software and Affected Versions: Comcast Defined Technologies microeisbss versions through 2021 Description: An issue allows an attacker to inject a stored XSS payload in the Device ID field under Inventory Management, achieving Remote Code Execution and privilege escalation...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. Autodesk AutoCAD suffers from a buffer error vulnerability that stems from the fact that parsing a maliciously crafted XB file may force a read beyond the allocated boundaries. This...

PT-2022-23940 · Trend Micro · Trend Micro Security

Name of the Vulnerable Software and Affected Versions: Trend Micro Security versions 2021 through 2022 Description: The issue allows an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. It is an Out-Of-Bounds Read Information Disclosure...

PT-2022-17523 · Autodesk · Autodesk Trueview

Name of the Vulnerable Software and Affected Versions: Autodesk TrueView versions 2021 through 2022 Description: A memory corruption issue may lead to remote code execution through maliciously crafted DWG files. This can occur when parsing DWG files, allowing an attacker to write beyond the...

Eclipse Wakaama 缓冲区错误漏洞

Eclipse Wakaama is a C-based, open source implementation of the OMA LWM2M protocol from the Eclipse Foundation. A buffer error vulnerability exists in Eclipse Wakaama versions 2021-01-14 and earlier, which stems from the CoAP parsing code failing to properly clean up data received over the networ...

CVE-2021-40280

An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dlsendmail.php...

Adobe Premiere Elements 代码问题漏洞

Adobe Premiere Elements is a video editing software application from Adobe. Adobe Premiere Elements 2021 build 19.0 and earlier versions are vulnerable to a null pointer dereference. An attacker could exploit this vulnerability to cause a memory leak...

Adobe Character Animator 缓冲区错误漏洞

Adobe Character Animator is a motion capture and animation tool from Adobe. Adobe Character Animator 2021 4.4 and earlier versions contain a memory corruption vulnerability that could be exploited by attackers to execute arbitrary code in the context of the current user...

Adobe Character Animator 缓冲区错误漏洞

Adobe Character Animator is a motion capture and animation tool from Adobe. Adobe Character Animator 2021 4.4 and earlier versions contain a memory corruption vulnerability that could be exploited by attackers to execute arbitrary code in the context of the current user...

Adobe Premiere Elements 缓冲区错误漏洞

Adobe Premiere Elements is a video editing software application from Adobe. Adobe Premiere Elements 2021 build 19.0 and earlier versions are vulnerable to a memory buffer out-of-bounds access vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Character Animator 缓冲区错误漏洞

Adobe Character Animator is a motion capture and animation tool that provides everyone with an easy-to-use solution for intuitive 2D character animation, real-time animation, and easy sharing and publishing of characters. Adobe Character Animator 2021 4.4 and earlier versions have a memory buffer...

CVE-2021-39839

Acrobat Reader DC versions 2021.005.20060 and earlier, 2020.004.30006 and earlier and 2017.011.30199 and earlier are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user...

MobileIron agents 信任管理问题漏洞

MobileIron agents is an application from MobileIron USA. It is used for MobileIron agents. MobileIron agents versions 2021-03-22 and earlier are vulnerable to a trust management issue that stems from the inclusion of a hard-coded encryption key that is used to encrypt the submission of...