Fortinet FortiSandbox 代码问题漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A code issue vulnerability exists in Fortinet FortiSandbox versions 5.0.0...

Wondershare Dr.Fone 代码问题漏洞

Wondershare Dr.Fone is a one-stop solution for cell phones from China Wanxing Wondershare. A code issue vulnerability exists in Wondershare Dr.Fone version 11.4.9, which stems from an unquoted path to the DFWSIDService service that could lead to the execution of arbitrary code by a local user...

Adobe Substance3D Modeler 代码问题漏洞

Adobe Substance3D Modeler is a 3D modeling software from the American company Audobee Adobe. Adobe Substance 3D Modeler suffers from a null pointer dereference vulnerability that can be exploited by an attacker to cause a denial of service...

WBCE CMS 代码问题漏洞

WBCE CMS is WBCE CMS open source an open source content management system CMS based on PHP and MySQL. A code issue vulnerability exists in WBCE CMS version 1.5.2, which originates from an authenticated attacker who can upload a malicious droplet via the admin panel, potentially leading to remote...

ProtonVPN 代码问题漏洞

ProtonVPN is a VPN application from ProtonVPN Open Source. A code issue vulnerability exists in ProtonVPN version 1.26.0, which stems from an unquoted WireGuard service configuration path that could allow a local attacker to execute arbitrary code...

Microsoft Azure 代码问题漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft Corporation Microsoft. A code issue vulnerability exists in Microsoft Azure. An attacker exploiting this vulnerability could remotely execute code...

CoolerMaster MasterPlus 代码问题漏洞

CoolerMaster MasterPlus is a lighting control software from CoolerMaster USA. A code issue vulnerability exists in CoolerMaster MasterPlus version 1.8.5, which stems from an unquoted MPService service path that could allow a local attacker to execute code with elevated system privileges...

Metabase 代码问题漏洞

Metabase is an open source data analytics platform from US-based Metabase, Inc. A code issue vulnerability exists in Metabase versions prior to 55.13, prior to 56.3, and prior to 57.1, which stems from the fact that instances that allow users to create subscriptions may be affected...

CVE-2023-49062

Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...

CVE-2021-27509

In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code...

CVE-2022-35003

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl...

CVE-2020-10876

The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. This allows an attacker to brute...

Mastodon 代码问题漏洞

Mastodon is an open source social networking server based on ActivityPub by Mastodon Open Source. A code issue vulnerability exists in Mastodon versions prior to 4.5.4, prior to 4.4.11, prior to 4.3.17, and prior to 4.2.29, which stems from the lack of an IP address range restriction that could...

n8n 代码问题漏洞

n8n is a scalable workflow automation tool from n8n open source. A code issue vulnerability exists in n8n 0.121.2 and prior versions that originates from an authenticated attacker who can execute malicious code that could lead to a full crack...

LibreChat 代码问题漏洞

LibreChat is a free, highly customizable, unified AI conversation platform open-sourced by LibreChat, capable of aggregating and running large models from any vendor in a single interface. A code issue vulnerability exists in LibreChat version 0.8.1-rc2, which stems from a missing restriction in...

QNAP Systems QTS 代码问题漏洞

QNAP Systems QTS is a software with data storage and management capabilities from Taiwan, China-based QNAP Systems. A code issue vulnerability exists in QNAP Systems QTS that originates from a null pointer dereference and could lead to a denial of service attack...

FontForge 代码问题漏洞

FontForge is an open source font editing tool from fontforge that supports multiple languages. A code issue vulnerability exists in FontForge that stems from improper validation of data when parsing SFD files, which could lead to deserialization of untrusted data and remote code execution...

Esri ArcGIS Server 代码问题漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A code issue vulnerability exists in Esri ArcGIS Server 11.5 and prior versions that stems from not properly validating an uploaded file, which could result in the upload of a...

SOUND4 IMPACT 代码问题漏洞

SOUND4 IMPACT is a professional broadcast audio processor from the French company SOUND4. A code issue vulnerability exists in SOUND4 IMPACT 2.x and prior versions, which stems from an inadequate session expiration mechanism that could lead to session hijacking and unauthorized access...

UPF 代码问题漏洞

UPF is an open source user interface from the Aether SD-Core Project. A code issue vulnerability exists in UPF 2.1.3-dev and earlier versions, which originates in the PFCP Session Establishment Request Handler component function in file /pfcpiface/pfcpiface/messagessession.go. A null pointer...