74 matches found
PT-2026-51360
Name of the Vulnerable Software and Affected Versions Autodesk Fusion Desktop affected versions not specified Description A flaw in the MCP extension allows arbitrary code execution when a user visits a maliciously crafted webpage while the software is running and the extension is enabled. A...
CVE-2010-10017 WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler SEH records and execute arbitrary code. Exploitation...
PT-2025-35369
Name of the Vulnerable Software and Affected Versions: WM Downloader version 3.1.2.2 Description: WM Downloader version 3.1.2.2 is susceptible to a buffer overflow when handling a crafted .m3u playlist file. Insufficient input length validation allows overwriting of structured exception handler S...
The vulnerability of the XWiki platform for creating collaborative web applications lies in the insufficient verification of the authenticity of executed queries. This allows attackers to obtain the rights of the current user.
The vulnerability of the XWiki Platform lies in the insufficient verification of the authenticity of executed queries. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain the privileges of the current user through a specially created URL...
CVE-2023-29065
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database...
BD FACSChorus Security Breach
BD FACSChorus is a multichannel flow cytometry system from BD Medical BD. A security vulnerability exists in the BD FACSChorus that originates from a software database that can be directly accessed with the privileges of the currently logged in user...
Safety 代码问题漏洞
Safety is a Python based software package for checking the safety of programs. A security vulnerability exists in Safety Designer 1.11.0 and earlier versions, which stems from a deserialization vulnerability in the .NET Framework classes used and not properly checked, which allows an attacker to...
Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability
Microsoft Support Diagnostic Tool MSDT, Microsoft Support Diagnostic Tool is a utility program used to troubleshoot and collect diagnostic data for professionals to analyze and solve problems.Microsoft Office is a popular office software developed by Microsoft Corporation. Microsoft Support...
The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with the privileges of the current user, using a specially crafted file...
Cisco UCS Manager Software Operating System Command Injection Vulnerability
The Cisco UCS 6400 Series Fabric Interconnects is a 6400 series switching matrix device from Cisco USA. An operating system command injection vulnerability exists in the local management CLI in Cisco UCS Manager Software, which stems from the program's failure to perform sufficient input validati...
PT-2020-1632 · Microsoft · Chakracore +1
Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code in the contex...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36635)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge suffers from a memory corruption vulnerability in the Chakra scripting engine. The vulnerability stems from a problem in the way the Chakra scripting engine handles objects...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36636)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge suffers from a memory corruption vulnerability in the Chakra scripting engine. The vulnerability stems from a problem in the way the Chakra scripting engine handles objects...
The vulnerability of the Windows operating system, related to errors in processing files with the .LNK extension, allows a hacker to execute arbitrary code.
The vulnerability of the Windows operating system is related to errors in processing files with the extension .LNK. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system with current user privileges, by placing a specially created file in a network file...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36637)
Edge is Microsoft's browser for Windows 10, Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11 and Microsoft Edge and other web browsers. Microsoft Edge suffers from a Chakra Scripting Engine memory corruptio...
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2019-39009)
Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-36876)
Edge is Microsoft's browser for Windows 10, characterized as fast and secure.Chakra JScript engine is a JavaScript engine developed by Microsoft for its Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability in the Chakr...
The vulnerability of the Windows operating system, related to errors in processing files with the .LNK extension, allows a hacker to execute arbitrary code.
The vulnerability of the Windows operating system is related to errors in processing files with the extension .LNK. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system with current user privileges, by placing a specially created file in a network...
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2019-28645)
Edge is Microsoft's browser for Windows 10.Chakra JScript engine is a JavaScript engine developed by Microsoft for its web browsers Internet Explorer 9, Internet Explorer 10, Internet Explorer 11, and Microsoft Edge web browsers. A memory corruption vulnerability exists in Microsoft Edge. The...