CVE-2023-31036 CVE

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lea...

CVE-2023-30789

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter...

SUSE CVE-2022-1529

An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR 91.9.1...

CVE-2022-41143

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVE-2022-47908

Stack-based buffer overflow vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file...

Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2019-12707)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.6.3, which originates from ...

CVE-2012-6129

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted "micro transport protocol packets."...

CVE-2002-1091

Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width...

HTTP Method Remote Format String

The remote web server seems to be vulnerable to a format string attack on the method name. An attacker might use this flaw to make it crash or even execute arbitrary code on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11801; scriptversion"$Revision: 1.1...

Webfroot Shoutbox 2.32 - Expanded.php Remote Command Execution

Webfroot Shoutbox 2.32 - Expanded.php Remote Command Execution source: https://www.securityfocus.com/bid/7772/info Shoutbox is prone to an issue that may result in the execution of attacker-supplied code. The vulnerability exists due to insufficient sanitization of input into the expanded.php...

Mandrake 789 RedHat 6.x7 Bonobo EFSTool - Commandline Argument Buffer Overflow (1)

Mandrake 789 RedHat 6.x7 Bonobo EFSTool - Commandline Argument Buffer Overflow 1 source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A boundr...

Debian 2.2 - splitvt Format String

// source: https://www.securityfocus.com/bid/2210/info splitvt is a VT100 window splitter, designed to allow the user two command line interfaces in one terminal window, originally written by Sam Lantinga. It is freely available, open source, and included with many variants of the Linux Operating...

Microsoft FrontPage 98 Server Extensions for IIS / Microsoft InterDev 1.0 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/1109/info The dvwssr.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack has a remotely exploitable buffer overflow. This attack will result in the service no longer accepting connections and may allow for remot...