1503 matches found
IrfanView DXF File Parsing Type Obfuscation Remote Code Execution Vulnerability (CNVD-2024-48742)
IrfanView is an image viewer. It supports image browsing, image editing, image format conversion and so on. A type-obfuscated remote code execution vulnerability exists in IrfanView DXF file parsing, which can be exploited by an attacker to execute code in the context of the current process...
IrfanView Code Execution Vulnerability (CNVD-2024-48750)
IrfanView is an image viewer. It supports image browsing, image editing, image format conversion and so on. IrfanView suffers from a code execution vulnerability that can be exploited by an attacker to cause remote code execution...
Horovod Remote Code Execution Vulnerability
Horovod is an open source distributed deep learning training framework designed to improve the training efficiency and scalability of large-scale deep learning models. Horovod suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code on a...
IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPM files...
IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files...
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files...
Remote Code Execution (RCE)
LibVNCserver.so is vulnerable to Remote Code Execution RCE. The vulnerability is due to a heap out-of-bounds write in libvncserver/rfbserver.c, allowing a remote attacker to execute arbitrary code on the system...
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2024-45315)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A remote code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Ivanti Endpoint Manager SQL Injection Vulnerability (CNVD-2025-15488)
Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...
PT-2024-8476
The vulnerable software is 7-Zip, a widely used file compression utility. The issue arises from an integer underflow in the Zstandard decompression implementation, allowing remote attackers to execute arbitrary code on affected installations of 7-Zip by crafting specially designed archive files. ...
EulerOS 2.0 SP9 : python-setuptools (EulerOS-SA-2024-2837)
According to the versions of the python-setuptools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download...
PT-2024-30179 · Langflow · Langflow
Name of the Vulnerable Software and Affected Versions: langflow version 1.0.12 Description: A remote code execution RCE vulnerability was discovered in langflow via the PythonCodeTool component. This issue allows a malicious JSON file to be imported to run arbitrary code on the target system by...
Important: python3.11-setuptools
Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...
CVE-2024-51243
The eladmin v2.7 and before contains a remote code execution RCE vulnerability that can control all application deployment servers of this management system via DeployController.java...
PT-2024-28877 · Freecoap · Freecoap
Name of the Vulnerable Software and Affected Versions: FreeCoAP affected versions not specified Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted packet, resulting in a stack buffer overflow in the coap msg.c file. Recommendations:...
CVE-2024-43587
CVE-2024-43587 is a remote code execution vulnerability in Microsoft Edge (Chromium-based). Public sources in the connected data identify Edge as affected and list multiple vulnerabilities, including CVE-2024-43587, as part of a bundle affecting Edge versions prior to update 130.0.2849.46. The Op...
7z slip lead to remote code execution
This report is not public...
USN-7065-1: Firefox vulnerability
Damien Schaeffer discovered that Firefox did not properly manage memory in the content process when handling Animation timelines, leading to a use after free vulnerability. An attacker could possibly use this issue to achieve remote code execution...
Microsoft Office Remote Code Execution Vulnerability (CNVD-2024-42942)
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A remote code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...
DeepSpeed Remote Code Execution Vulnerability
DeepSpeed Remote Code Execution Vulnerability...