165 matches found
Adobe Commerce Arbitrary Code Execution Vulnerability
Adobe Commerce is a digital commerce solution for businesses and brands from Adobe, a United States company. An arbitrary code execution vulnerability exists in Adobe Commerce, which can be exploited by an attacker to execute arbitrary code...
Linux kernel ndlc.c file memory misreference vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a memory misreference vulnerability that originates from a mix-up in the instruction responsible for freeing memory in ndlc_remove in...
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability (CNVD-2023-35222)
Microsoft PostScript Printer Driver is Microsoft's standard printer driver for PostScript printers. Microsoft PCL6 Class Printer Driver is a printer driver from Microsoft. A remote code execution...
Adobe Dimension Out-of-Bounds Read Vulnerability (CNVD-2023-31292)
Adobe Dimension is a set of 2D and 3D composite design tools from Adobe, a United States company. Adobe Dimension suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context of the current user...
Google Android Information Disclosure Vulnerability (CNVD-2023-36106)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information...
Microsoft Visual Studio Remote Code Execution Vulnerability (CNVD-2023-101687)
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A remote code execution vulnerability exists in Microsoft Visual Studio, which can be exploited by a...
CVE-2022-41988
An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...
Google Chrome PDF Security Feature Issue Vulnerability
Google Chrome is a web browser from Google, an American company. A security signature issue vulnerability exists in versions of Google Chrome prior to 102.0.5005.61, which stems from a faulty implementation of PDF. An attacker could exploit the vulnerability to gain access to sensitive informatio...
CVE-2021-44379
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. SetAutoMaint param is not object. An attacker can send an HTTP request to trigger this vulnerability...
Google TensorFlow code issue vulnerability (CNVD-2021-48859)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, a United States company. A code issue vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which can be exploited by an attacker to cause a null pointer dereference...
Apache Druid Privilege Permission and Access Control Issues Vulnerability
Apache Druid is a column-oriented, open source distributed database written in Java, from the Apache Foundation in the United States. Apache Druid has a security vulnerability that can be exploited by an attacker to read data from other sources (e.g., the local file system) using...
osTicket cross-site scripting vulnerability (CNVD-2021-48883)
osTicket is a widely used and trusted open source work order support ticket system. A cross-site scripting vulnerability exists in osTicket versions prior to 1.12.6. An attacker can exploit this vulnerability via the queue-name parameter in include/ajax.search.php...
phpIPAM cross-site scripting vulnerability (CNVD-2021-45440)
phpIPAM is a PHP-based open source IP address management software. A reflected cross-site scripting vulnerability exists in phpIPAM version 1.4.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via app/dashboard/widgets/ipcalc-result.php and...
Unspecified Vulnerability in Samsung Galaxy Watch PlugIn
Samsung Galaxy Apps is a pre-installed application store program for Samsung mobile devices from Samsung South Korea. Galaxy Watch PlugIn 2.2.05.21033151 previously had a security vulnerability that could be exploited by an attacker to disclose the Wi-Fi password of a connection to a user's...
Denial of Service Vulnerability in CENTUM VP DCS System
The CENTUM VP DCS system is a Shun Control configuration application. A denial of service vulnerability exists in the CENTUM VP DCS system. An attacker could exploit this vulnerability to cause a denial of service...
SQL Injection Vulnerability in Ricochet Cloud Group Live Code Generation System (CNVD-2021-41721)
RikerCloud live code management system is an open source, free, live code system that can be operated online to improve efficiency, get more resources and so on. A SQL injection vulnerability exists in the Ricochet Cloud Live Code Generation System, which can be exploited by attackers to obtain...
ZenFone 4 Max (ZC520KL) suffers from an information disclosure vulnerability
ZenFone 4 Max ZC520KL is a smartphone. An information disclosure vulnerability exists in ZenFone 4 Max ZC520KL. An attacker can exploit the vulnerability to obtain sensitive information...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36647)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via read_2004_section_revhistory at ../../src/decode.c:3051 to cause a heap buffer...
GNU LibreDWG Memory Leak Vulnerability
LibreDWG is a free C library for reading and writing DWG files. A memory leak vulnerability exists in GNU LibreDWG version 0.10, in dwg_decode_eed at ../../src/decode.c:3638. An attacker could cause a memory leak by exploiting this vulnerability via specially crafted input...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36630)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via htmlwescape at ../../programs/escape.c:97 to cause a heap buffer overflo...