CVE-2020-14521

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition...

CVE-2020-14521 Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and po...

CVE-2021-45364

A Code Execution vulnerability exists in Statamic Version through 3.2.26 via SettingsController.php. NOTE: the vendor indicates that there was an error in publishing this CVE Record, and that all parties agree that the affected code was not used in any Statamic product...

CVE-2022-21927

HEVC Video Extensions Remote Code Execution Vulnerability...

CVE-2022-21991 Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

...

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in the Kestrel Web Server and Visual Studio Code. The vulnerabilities allow a malicious party to execute arbitrary code or cause a denial-of-service cause. The Denial-of-Service vulnerability with reference CVE-2022-21986 is located in the Kestrel web server. This...

Mageia: Security Advisory (MGASA-2017-0475)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0436)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

log4j security update

0:1.2.14-6.4.1 - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 Orabug: 33689748...

Security Updates for Exchange (January 2022)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary code. %NASLMINLEVEL 70300 C Tenable, Inc...

CVE-2022-21960

Windows Resilient File System ReFS Remote Code Execution Vulnerability...

Description of the security update for Office 2013: January 11, 2022 (KB5002124)

Description of the security update for Office 2013: January 11, 2022 KB5002124 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2022-21840. Note: To apply thi...

Description of the security update for Excel 2013: January 11, 2022 (KB5002128)

Description of the security update for Excel 2013: January 11, 2022 KB5002128 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2022-21840. Note: To apply this...

Description of the security update for SharePoint Server Subscription Edition Language Pack: January 11, 2022 (KB5002110)

Description of the security update for SharePoint Server Subscription Edition Language Pack: January 11, 2022 KB5002110 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and...

Bentley Systems Bentley View 资源管理错误漏洞

Bentley View, a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View 3DS file parsing, which is caused by not verifying the existence of an object before performing an operation on it. An attacker could exploit this vulnerability to execute code in the context of...

Veritas Enterprise Vault Code Execution Vulnerability (CNVD-2021-95586)

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and earlier versions, where Enterprise Vault application startup launches multiple services that listen for commands...

SUSE SLES12 Security Update : nodejs14 (SUSE-SU-2021:3886-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3886-1 advisory. - The parser in accepts requests with a space SP right after the header name before the colon. This can lead to HTTP Request Smuggling HRS in...

Open Design Alliance (ODA) Drawings Explorer DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawings Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

Open Design Alliance (ODA) ODAViewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA ODAViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...