2841 matches found
CVE-2021-21898
A code execution vulnerability exists in the dwgCompressor::decompress18 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21900
A code execution vulnerability exists in the dxfRW::processLType functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40391
An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev commit b5f1eacd, and the forked version of Gerbv commit 71493260. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger thi...
CVE-2021-22053
Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor;user-provided data, the path elements following...
LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability
Talos Vulnerability Report TALOS-2021-1351 LibreCad libdxfrw dxfRW::processLType use-after-free vulnerability November 17, 2021 CVE Number CVE-2021-21900 SUMMARY A code execution vulnerability exists in the dxfRW::processLType functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A...
Mozilla Firefox Security Advisory (MFSA2011-52) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Description of the security update for Excel 2016: November 9, 2021 (KB5002056)
Description of the security update for Excel 2016: November 9, 2021 KB5002056 Summary This security update resolves a Microsoft Excel remote code execution vulnerability and Microsoft Excel security feature bypass vulnerability. To learn more about the vulnerabilities, see the following security...
Description of the security update for Office Web Apps Server 2013: November 9, 2021 (KB5002065)
Description of the security update for Office Web Apps Server 2013: November 9, 2021 KB5002065 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-40442. Not...
Microsoft Word Code Execution Vulnerability (CNVD-2025-17491)
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
CVE-2021-40462 Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability
...
PT-2021-23244 · Unknown · Ecoa Bas Controller
Name of the Vulnerable Software and Affected Versions: ECOA BAS controller affected versions not specified Description: The ECOA BAS controller is affected by an arbitrary file write and path traversal issue. Unauthenticated attackers can exploit this by using POST parameters to set arbitrary...
PortlandLabs Concrete CMS Cross-Site Scripting Vulnerability (CNVD-2021-76088)
PortlandLabs Concrete Cms is a team-oriented open source content management system for the United States PortlandLabs . A cross-site scripting vulnerability exists in PortlandLabs Concrete CMS that stems from the failure of the website field of the product's podcast comment feature to properly...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. A code execution vulnerability exists in Google Chrome Task Manager. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
VMware vCenter Server 代码注入漏洞
Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. vCenter Server is vulnerable to ...
CVE-2021-32294
An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution...
Microsoft Word Code Execution Vulnerability (CNVD-2025-17492)
Microsoft Word is a word processing software in the Office suite of the American Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
Security Updates for Microsoft Office (September 2021) (macOS)
The Microsoft Office product installed on the remote host is affected by multiple vulnerabilities, as follows: - A spoofing vulnerability in Microsoft Office that can be exploited by a remote, low privileged attacker. CVE-2021-38650 - A remote code execution vulnerability in Microsoft Excel that...
Microsoft Office Graphics Remote Code Execution Vulnerability
...
Description of the security update for Excel 2013: September 14, 2021 (KB5002014)
Description of the security update for Excel 2013: September 14, 2021 KB5002014 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-38655. Note: To apply thi...
CVE-2021-21897
A code execution vulnerability exists in the DLDxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...