SUSE-SU-2022:2524-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.36.4 bsc1201221: - CVE-2022-22662: Processing maliciously crafted web content may disclose sensitive user information. - CVE-2022-22677: The video in a webRTC call may be interrupted if the audio capture gets interrupted....

CVE-2022-34243 Adobe Photoshop U3D File Parsing Use-After-Free Remote Code Execution Vulnerability

Adobe Photoshop versions 22.5.7 and earlier and 23.3.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2022-34215 Adobe Acrobat Reader DC Annotation Polygon Out-Of-Bounds Read Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 22.001.20142 and earlier, 20.005.30334 and earlier and 17.012.30229 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage thi...

Vulnerability fixed in ManageEngine ADAudit Plus

ManageEngine has fixed a vulnerability in ADAudit Plus. A unauthenticated malicious person could exploit the vulnerability to execute arbitrary code on the system on which ADAudit Plus is installed. Horizon researchers have published a write-up and proof-of-concept code published. They indicate...

CVE-2021-40643

EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page by default/usr/sbin/sendmail it is possible to execute any command, which will be executed when we make...

Security Updates for Microsoft Word Products C2R (September 2020)

The Microsoft Word Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google. Google Android has a code execution vulnerability that could be exploited by attackers to execute arbitrary code on the system...

PT-2022-3258

Name of the Vulnerable Software and Affected Versions Dominion Voting System ImageCast X affected versions not specified Description The issue is related to the manipulation of Dominion Voting System ImageCast X devices through specially crafted election definition files, allowing for arbitrary...

SUSE-SU-2022:1861-1 Security update for cups

This update for cups fixes the following issues: - CVE-2022-26691: Fixed an authentication bypass and code execution vulnerability bsc1199474...

CVE-2021-32962 Claroty Secure Remote Access Site - Authentication Bypass Using an Alternate Path or Channel

The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to cross-site scripting, which may allow an attacker to remotely execute arbitrary code...

log4j security update

0:1.2.14-6.4.2 - Fix CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2017-5645 - Orabug: 33868008 0:1.2.14-6.4.1 - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 Orabug: 33689748...

CVE-2022-1360 Cambium Networks cnMaestro OS Command Injection

The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings...

Remote code execution

cmseasy V7.7.520211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability...

CVE-2022-30055

Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution...

Description of the security update for Excel 2016: May 10, 2022 (KB5002196)

Description of the security update for Excel 2016: May 10, 2022 KB5002196 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2022-29110. Note: To apply this...

SUSE-SU-2022:1511-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.36.0 bsc1198290: - CVE-2022-22624: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22628: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22629: Fixed a buffer overflo...

CGAL libcgal Code Execution Vulnerability (CNVD-2022-61367)

Laurent Rineau CGAL is an open source application by Laurent Rineau. It provides easy access to efficient and reliable geometric algorithms in the form of C libraries. CGAL libcgal suffers from a code execution vulnerability that stems from a specially formatted file that could lead to...

Google Android Code Execution Vulnerability (CNVD-2022-46288)

Google Android is a Linux-based open-source operating system from the US company Google...

MGASA-2022-0151 Updated libdxfrw packages fix security vulnerability

A code execution vulnerability exists in the dwgCompressor::decompress18 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. CVE-2021-21898 A code...

Laurent Rineau CGAL Code Execution Vulnerability (CNVD-2022-32769)

Laurent Rineau CGAL is a Laurent Rineau open source application. Provides access to geometric algorithms in the form of C ++ libraries. A code execution vulnerability exists in Laurent Rineau CGAL, which can be exploited by an attacker to cause out-of-scope reads and type obfuscation via a...