CVE-2020-8850

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Security Vulnerabilities fixed in Firefox 135 — Mozilla

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. The fullscreen notification is prematurely hidden when...

KLA79487 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security vulnerability in c...

Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2024-49112-PoC CVE-2024-49112 LDAP RCE PoC and Metasploit...

Exploit for Code Injection in Rejetto Http_File_Server

HFS2.3poc HFS2.3未经身份验证的远程代码执行CVE-2024-23692 python HFS2.3...

IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files...

Siemens Tecnomatix Plant Simulation Memory Misreference Vulnerability

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A memory misreference vulnerability exists in Siemens...

Mozilla Firefox post-release reuse vulnerability (CNVD-2024-40750)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a post-release reuse vulnerability that can be exploited by an attacker to execute code in a content process...

Mozilla Thunderbird < 128.3.1

The version of Thunderbird installed on the remote Windows host is prior to 128.3.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-52 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation...

Google Chrome Autofill memory misreference vulnerability (CNVD-2024-38572)

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 128.0.6613.138, which stems from a messed up instruction responsible for freeing memory in Autofill. An attacker could exploit this vulnerability to...

Adobe Photoshop JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2...

Microsoft Azure Service Fabric servicefabricsdkstorage Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Service Fabric for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Service Fabric. When installed from the official...

D-Link DAP-2622 Buffer Overflow Vulnerability (CNVD-2024-32559)

The D-Link DAP-2622 is a wireless access point Access Point device from China's D-Link. The D-Link DAP-2622 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the root context...

Mozilla Firefox and Thunderbird Code Execution Vulnerability (CNVD-2024-34597)

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. A code execution vulnerability exists in Mozilla Firefox and Thunderbird, which is caused by a memory corruption in NSS. An attacker could exploit this...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2024-23522)

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute cod...

Siemens PS/IGES Parasolid Translator component out-of-bounds read vulnerability (CNVD-2024-24528)

Parasolild Translators is a single-format translator toolkit for high-speed end-to-end translation between Parasolid and several industry formats such as STEP or IGES. An out-of-bounds read vulnerability exists in the Siemens PS/IGES Parasolid Translator component, which can be exploited by an...

Dell DM5500 Code Issues Vulnerabilities

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. A code issue vulnerability exists in Dell DM5500 version 5.15.0.0 and earlier, which stems from an application containing an insecure...

Exploit for Deserialization of Untrusted Data in Torrentpier

CVE-2024-1651 This CVE was discovered by Carlos Bello from the...

PT-2024-2993

The vulnerable software is CrushFTP, a managed file transfer vendor. The vulnerability affects all versions before 10.7.1 and 11.1.0 on all platforms, allowing unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrati...

Google Chrome post-release reuse vulnerability (CNVD-2024-29289)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a post-release reuse vulnerability that can be exploited by an attacker to execute arbitrary code on a system...