2841 matches found
PT-2023-6143 · Siemens · Tecnomatix Plant Simulation
Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation versions prior to V2201.0009 Tecnomatix Plant Simulation versions prior to V2302.0003 Description: The issue is related to an out of bounds write past the end of an allocated buffer while parsing a specially crafte...
Debian DSA-5512-1 : exim4 - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5512 advisory. Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticato...
CVE-2023-35002
A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36844 - The "Remote Code Execution in Juniper JunOS...
SiYuan Notes Software Web App is a privacy-first personal knowledge management system that supports full offline use as well as end-to-end encrypted synchronization. Yunnan ChainDrop Technology Co., Ltd. has an XSS vulnerability in the Siyuan Notes Software Web application, which can be exploited by attackers to obtain sensitive information such as user cookies.
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A code execution vulnerability exists in Apache Airflow HDFS Provider, which stems...
CVE-2023-36742 Visual Studio Code Remote Code Execution Vulnerability
...
September 12, 2023-KB5030181 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2
September 12, 2023-KB5030181 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2 Release Date: September 12, 2023 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and Cumulative Update for 3.5, 4.8 and 4.8.1 for Windows 11,...
PT-2023-28234 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...
CVE-2022-30638 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
NETGEAR R6400v2 Code Execution Vulnerability
The NETGEAR R6400v2 is a router from NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. The NETGEAR R6400v2 suffers from a code execution vulnerability that stems from the program's failure to properly filter special elements that construct code...
NETGEAR R6400v2 安全漏洞
The NETGEAR R6400v2 is a router from NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. The NETGEAR R6400v2 suffers from a code execution vulnerability that stems from the program's failure to properly filter special elements that construct code...
Security Update for Microsoft Visual Studio Code Cloudfoundry Manifest YML Support Extension (CVE-2022-31691)
The Microsoft Visual Studio Code Cloudfoundry Manifest YML Support Extension is version 1.39.0 or below. It is, therefore, affected by a remote code execution vulnerability. The extension uses the Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML...
TOTOLINK X5000R setLanguageCfg Function Code Execution Vulnerability
TOTOLINK X5000R is a wireless router from TOTOLINK that supports Wi-Fi 6 technology with full coverage Mesh system and dual band transmission. The TOTOLINK X5000R suffers from a code execution vulnerability that stems from the lang parameter of the setLanguageCfg function failing to properly filt...
WinRAR 安全漏洞
WinRAR is a shareware program for managing zip files. A code execution vulnerability exists in WinRAR that can be exploited by an attacker to execute arbitrary code when a user attempts to view benign files in a ZIP archive...
PT-2023-26673 · Harrison Chase · Langchain
Name of the Vulnerable Software and Affected Versions: Harrison Chase langchain versions 0.0.194 and before Harrison Chase langchain versions prior to 0.0.236 Description: An issue in Harrison Chase langchain allows a remote attacker to execute arbitrary code via the from math prompt and from...
CVE-2021-25786
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...
Metabase Remote Code Execution Exploit
Metabase versions before 0.46.6.1 contain a flaw where the secret setup-token is accessible even after the setup process has been completed. With this token a user is able to submit the setup functionality to create a new database. When creating a new database, an H2 database string is created wi...
Siemens Parasolid and Teamcenter Visualization Out-of-Bounds Read Vulnerability (CNVD-2023-62046)
Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing, and free-form surface/table modeling.Teamcenter Visualization enables organizations to enhance their product lifecycle management PLM environments with a range of comprehensiv...
Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2023-62032)
Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context ...
CVE-2023-38182 Microsoft Exchange Server Remote Code Execution Vulnerability
...