Cisco Jabber Code Execution Vulnerability (CNVD-2021-22912)

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. A code execution vulnerability exists in Cisco Jabber, which is caused by incorrect validation of message content. An attacker can send...

Code execution vulnerability in geeweb

geeweb is a PHP MySQL-based development to completely free, fast site, easy maintenance, high security, strong load force, SEO friendly and other features, for the small and medium-sized enterprises, social groups, schools and individual users, such as the station-building system. A code executio...

Code execution vulnerability in ShuipFCMS (NVD-C-2021-75467)

ShuipFCMS is a content management system based on ThinkPHP framework as the core and developed in an independent grouping approach. ShuipFCMS suffers from a code execution vulnerability that can be exploited by an attacker to gain control of the server...

XStream 代码问题漏洞

XStream is a simple Java-based library , Java objects serialized to xml and vice versa i.e. : Java objects and xml documents can be easily converted to each other . A code execution vulnerability exists in XStream, which can be exploited by an attacker to manipulate the processed input stream and...

OPENSUSE-SU-2021:0447-1 Security update for velocity

This update for velocity fixes the following issues: - CVE-2020-13936: Fixed an arbitrary code execution when attacker is able to modify templates bsc1183360. This update was imported from the SUSE:SLE-15-SP2:Update update project...

Description of the security update for Office 2013: March 9, 2021 (KB4493203)

Description of the security update for Office 2013: March 9, 2021 KB4493203 Summary This security update resolves Microsoft Excel Remote Code Execution Vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...

IBM DataPower Gateway Server-Side Request Forgery Vulnerability

IBM DataPower Gateway is a security and integration platform built specifically for mobile, cloud, API, web, SOA, B2B and cloud workloads. A server-side request forgery vulnerability exists in IBM DataPower Gateway 10.0.0.0-10.0.1.1, 2018.4.1.0-2018.4.1.14. A local attacker with administrative...

CGAL 输入验证错误漏洞

Libcgal is an open source C++ library that provides geometric algorithms for fast and reliable data processing. CGAL libcgal NefS2/SNCioparser.h in CGAL-5.1.1 SNCioparser::readsloop slh-incidentsface suffers from an out-of-bounds read vulnerability, which can be exploited by an attacker to achiev...

CVE-2020-35628

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in NefS2/SNCioparser.h SNCioparser::readsloop slh-incidentsface. An attacker can provide malicious input to trigger this vulnerability...

CVE-2020-35636

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in NefS2/SNCioparser.h SNCioparser::readsface sfh-volume OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution...

CGAL 输入验证错误漏洞

Libcgal is an open source C++ library that provides geometric algorithms for fast and reliable data processing. CGAL libcgal NefS2/SNCioparser.h SNCioparser::readsloop slh-twin in CGAL-5.1.1 suffers from an out-of-bounds read vulnerability, which can be exploited by an attacker to achieve code...

CVE-2020-28636

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in NefS2/SNCioparser.h SNCioparser::readsloop slh-twin An attacker can provide malicious input to trigger this vulnerability...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome Blink. A remote attacker can exploit this vulnerability to execute arbitrary code on a system or cause a denial of service condition...

CVE-2021-26857 Microsoft Exchange Server Remote Code Execution Vulnerability

...

Security fix for the ALT Linux 9 package dotnet-corefx-3.1 version 3.1.12-alt1

3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task 266709 Feb. 17, 2021 Vitaly Lipatov - .NET Core 3.1.12 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Code execution vulnerability in Ocean CMS (CNVD-2021-25368)

Ocean CMS, also known as SEACMS, is completely open source and free of charge, adaptive to computers, cell phones, tablets, APP multi-terminal, no encryption, more secure, it is your best station-building tool! Ocean CMS code execution vulnerabilities, attackers can use the vulnerability to obtai...

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability (CNVD-2021-11307)

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 5.0.3-alt1

5.0.3-alt1 built Feb. 18, 2021 Vitaly Lipatov in task 266508 Feb. 17, 2021 Vitaly Lipatov - .NET 5.0.3 and .NET SDK 5.0.103 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 10 package dotnet-runtime-7.0 version 5.0.3-alt1

Feb. 17, 2021 Vitaly Lipatov 5.0.3-alt1 - new version 5.0.3 with rpmgs script - .NET 5.0.3 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...