Adobe Framemaker heap buffer overflow vulnerability (CNVD-2024-27545)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker, which is caused by incorrect boundary checking. An attacker...

CVE-2024-36078

In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes which run with the environment and permissions of the Zammad user...

Siemens Parasolid X_T File Out-of-Bounds Write Vulnerability

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds write vulnerability exists in Siemens Parasolid XT files, which can be exploited by an attacker to execute code...

CVE-2024-30009

Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability...

GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories

...

CVE-2024-32163

CMSeasy 7.7.7.9 is vulnerable to code execution...

WBSAirback Code Execution Vulnerability (CNVD-2024-27125)

WBSAirback is a next generation storage and backup system from WBSAirback. A code execution vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to execute arbitrary code...

CVE-2024-2226

creationtimestamp| type| source ---|---|--- 2024-04-11 06:56:18+00:00| seen| https://t.me/arpsyndicate/4461 2025-01-31 03:22:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3560 2025-01-31 04:13:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3576...

Bento4 Ap4StsdAtom.cpp file code execution vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A code execution vulnerability exists in the Bento4 Ap4StsdAtom.cpp file, which stems from the failure of the AP4StsdAtom::AP4StsdAtom method of the Ap4StsdAtom.cpp file to correctly filter the special elements of the...

CVE-2024-24581

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write...

MGASA-2024-0106 Updated unixODBC packages fix security vulnerability

It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash...

D-Link DIR-845L Code Execution Vulnerability

The D-Link DIR-845 is a wireless router from China-based AUO D-Link. A code execution vulnerability exists in D-Link DIR-845L v1.01KRb03 and earlier versions, which stems from the soapcgimain function failing to correctly filter the special elements of the constructor snippet in the cgibin binary...

PT-2024-22452 · Netcome · Netcome Ns-Asg Application Security Gateway

Name of the Vulnerable Software and Affected Versions: Netcome NS-ASG Application Security Gateway version 6.3.1 Description: The issue allows a local attacker to execute arbitrary code and obtain sensitive information via a crafted script to the loginid parameter of the "/singlelogin.php"...

RaspAP Vulnerable to Code Injection via an Unknown Process in File `includes/provider.php`

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

CVE-2024-2497 RaspAP raspap-webgui HTTP POST Request provider.php code injection

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

GHSA-242P-4V39-2V8G

creationtimestamp| type| source ---|---|--- 2024-03-12 16:46:09+00:00| seen| https://t.me/ctinow/205835...

PT-2024-11733 · Unknown · Online Flight Booking Management System

Name of the Vulnerable Software and Affected Versions: Online Flight Booking Management System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter in the feedback form. This enables the execution of...

BIT-DOTNET-2023-35390 .NET and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability...

GHSA-7JWH-3VRQ-Q3M8

creationtimestamp| type| source ---|---|--- 2024-03-04 21:56:40+00:00| seen| https://t.me/ctinow/199628...

CVE-2023-52478

creationtimestamp| type| source ---|---|--- 2024-02-29 07:01:50+00:00| seen| Telegram/3RYyDDRRWL8HlFO03Hyz-PfKWP5zVI0iKDyRW9XUi2HnPAB 2024-02-29 07:21:58+00:00| seen| https://t.me/ctinow/196272 2024-02-29 07:26:38+00:00| seen| https://t.me/ctinow/196289 2024-02-29 12:41:19+00:00| seen|...