120948 matches found
CVE-2025-54273
Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Multiple RSUPPORT products may insecurely load Dynamic Link Libraries
Overview Multiple RSUPPORT products contain multiple vulnerabilities listed below. RemoteView PC Application Console vulnerable to uncontrolled search path element CWE-427 - CVE-2025-26859 RemoteCall Remote Support Program for Operator vulnerable to uncontrolled search path element CWE-427 -...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26859
RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26861
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26861
CVE-2025-26861 affects RemoteCall Remote Support Program (for Operator). The vulnerability is an uncontrolled search path element (CWE-427) in versions prior to 5.3.0, which could allow arbitrary code execution if a crafted DLL is placed in the same folder as the affected product. Public sources ...
CVE-2025-26861
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26860
The CVE-2025-26860 entry concerns RemoteCall Remote Support Program (for Operator) prior to version 5.1.0. The vulnerability is an uncontrolled search path element (CWE-427) that can allow arbitrary code execution if a crafted DLL is placed in the application’s folder. Documents confirm the root ...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26859
CVE-2025-26859 affects RSUPPORT’s RemoteView PC Application Console. Versions prior to 6.0.2 are vulnerable to an uncontrolled search path element (CWE-427) that can allow arbitrary code execution if a crafted DLL is placed in the application’s folder. The issue’s root cause is a perilous search ...
EUVD-2025-34518
RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
USN-7823-1: FFmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. CVE-2024-35365 It was discovered that FFmpeg did not correctly handle...
USN-7823-1 ffmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. CVE-2024-35365 It was discovered that FFmpeg did not correctly handle...
CVE-2025-11746 XStore | Multipurpose WooCommerce Theme <= 9.5.4 - Authenticated (Subscriber+) Local File Inclusion
The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.5.4 via theetajaxrequiredpluginspopup function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...
CVE-2023-7305
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...
CVE-2011-10033
The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...
EUVD-2011-5263
The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...
CVE-2011-10033
The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...
CVE-2025-54279
Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...