LibreOffice Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LibreOffice. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of documen...

(Pwn2Own) ICONICS GENESIS64 TDFX File Parsing Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

flatCore 代码问题漏洞

flatCore is a lightweight content management system CMS based on PHP and SQLite. A security vulnerability exists in flatCore-CMS 2.0.8, which stems from an application call to a dangerous function that leads to a server-side request forgery vulnerability...

The vulnerability of the Proofpoint Insider Threat Management Agent for Windows software lies in the use of a potentially dangerous function that allows a hacker to execute arbitrary code with system privileges.

The vulnerability of the Proofpoint Insider Threat Management Agent for Windows software is related to the use of a potentially dangerous function. Exploiting this vulnerability could allow an attacker to execute arbitrary code with system privileges...

Ivanti Avalanche SetSettings Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowi...

CVE-2021-23556

Guake is vulnerable before version 3.8.5 to Exposed Dangerous Method or Function due to exposure of execute_command and execute_command_by_uuid via the D-Bus interface, allowing a malicious user to run an arbitrary command. Exploitation requires the attacker to have or trigger another malicious p...

(Pwn2Own) Lexmark MC3224i PJL Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of PJL commands. The issue results from an exposed...

CVE-2021-42133

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write...

CVE-2021-42133

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write...

Design/Logic Flaw

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write...

CVE-2021-42133

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write...

Ivanti Avalanche EnterpriseServer Service Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetUser class. The issue results from the lack of authentication prior to allowing...

GHSA-79JW-6WG7-R9G4 Use of Potentially Dangerous Function in mixme

Impact In Node.js mixme v0.5.0, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denia...