Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the external engine...

Linux Distros Unpatched Vulnerability : CVE-2026-40342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a...

EUVD-2005-1531

Malware in sbrugna...

Kingsoft WPS Office 数据伪造问题漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. A security vulnerability exists in Kingsoft WPS Office 12.1.0.18276 and prior versions, which stems from improper verification of digital signatures and could lead to the loading o...

Kingsoft WPS Office 路径遍历漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functions. A path traversal vulnerability exists in Kingsoft WPS Office versions 12.2.0.13110 through 12.2.0.13489, which stems from improper path validation in promecefpluginhost.exe. An attacke...

Kingsoft WPS Office 路径遍历漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functions. A path traversal vulnerability exists in Kingsoft WPS Office versions 12.2.0.13110 through 12.2.0.13489, which stems from improper path validation in promecefpluginhost.exe. An attacke...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

RHEL 6 : glibc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary...

PT-2024-8711 · Kingsoft · Kingsoft Wps Office

Name of the Vulnerable Software and Affected Versions: Kingsoft WPS Office versions 12.2.0.13110 through 12.2.0.17119 Description: The issue is related to improper path validation in the promecefpluginhost.exe file, allowing an attacker to load an arbitrary Windows library. This can lead to the...

PT-2024-6152

Name of the Vulnerable Software and Affected Versions Kingsoft WPS Office versions 12.2.0.13110 through 12.2.0.16412 Description The issue is related to improper path validation in the promecefpluginhost.exe component of Kingsoft WPS Office, allowing an attacker to load arbitrary Windows librarie...

CVE-2023-40352

McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs...

SUSE CVE-2007-3280

The Database Link library dblink in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system...

SUSE CVE-2016-4477

wpasupplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service daemon outage, via a crafted 1 SET, 2 SETCRED, or 3 SETNETWORK command...

Redis Lua Sandbox Escape

This module exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently sanitized the Lua environment. The maintainers failed to disable the package interface, allowing attackers to load arbitrary libraries. On...

CVE-2020-5316

Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an...

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

OpenVPN Connect代码问题漏洞

Openvpn OpenVPN Connect is a VPN Virtual Private Network client application from the American company OpenVPN Openvpn. A security vulnerability exists in OpenVPNConnect 3.2.0 through 3.3.0 that allows a local user to load arbitrary dynamically loadable libraries if present via an OpenSSL...

PT-2021-16562 · Samsung · Samsung Mobile Devices

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR Mar-2021 Release 1 Description: A vulnerability in the DSP driver allows attackers to load arbitrary ELF libraries inside the DSP. This issue affects Samsung Mobile Devices. Recommendations: For...

CVE-2019-4448

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpumdebug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a privileged context. This...

Huawei eSpace 1.1.11.103 - DLL Hijacking

Huawei eSpace 1.1.11.103 - DLL Hijacking / Huawei eSpace Desktop DLL Hijacking Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC Summary: Create more convenient...