PT-2025-52472

Name of the Vulnerable Software and Affected Versions RealDefense SUPERAntiSpyware affected versions not specified Description A local attacker can escalate privileges on affected installations of RealDefense SUPERAntiSpyware. To exploit this, an attacker must first have the ability to execute...

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SAS...

Arista NG Firewall load_capture_settings Exposed Dangerous Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logout.py module. The issue results from an exposed dangerous function. A...

EUVD-2023-56285

Malicious code in bioql PyPI...

(Pwn2Own) Microsoft Windows Exposed Dangerous Function Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Security Bulletin: IBM TX Advanced is affected by an Out-of-bounds Write vulnerability and by a Use of Inherently Dangerous Function vulnerability due to the way that the product uses certain C library functions.

Summary IBM TX Advanced is affected by an Out-of-bounds Write vulnerability and by a Use of Inherently Dangerous Function vulnerability due to the way that the product uses certain C library functions. IBM TX Advanced has changed the C library functions that it uses in order to address these...

Security Bulletin: IBM TX Standard is affected by an Out-of-bounds Write vulnerability and by a Use of Inherently Dangerous Function vulnerability due to the way that the product uses certain C library functions.

Summary IBM TX Standard is affected by an Out-of-bounds Write vulnerability and by a Use of Inherently Dangerous Function vulnerability due to the way that the product uses certain C library functions. IBM TX Standard has changed the C library functions that it uses in order to address these...

Security Bulletin: IBM TXSeries for Multiplatforms is affected by an Out-of-bounds Write vulnerability and by a Use of Inherently Dangerous Function vulnerability due to the way that the product uses certain C library functions.

Summary IBM TXSeries for Multiplatforms is affected by an Out-of-bounds Write vulnerability and by a Use of Inherently Dangerous Function vulnerability due to the way that the product uses certain C library functions. IBM TXSeries for Multiplatforms has changed the C library functions that it use...

The vulnerability of the Ruijie Reyee OS operating system is related to the use of a initially dangerous function, which allows attackers to execute arbitrary commands.

The vulnerability of the Ruijie Reyee OS operating system is related to the use of a initially dangerous function. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending a specially created malicious MQTT message...

CVE-2024-52324 Ruijie Reyee OS Use of Inherently Dangerous Function

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands...

CVE-2023-39470 PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability

PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw exists with...

EUVD-2023-43193

PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw exists with...

CVE-2023-39470

CVE-2023-39470 concerns PaperCut NG, where the vulnerability lies in the management of the print.script.sandboxed setting. The exposed dangerous function can let an attacker execute code with SYSTEM privileges after authenticating, resulting in remote code execution. Affected product: PaperCut NG...

PaperCut NG 安全漏洞

PaperCut NG is a printer control software from PaperCut, Inc. A security vulnerability exists in PaperCut NG that stems from the exposure of a dangerous function with a remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an affected installation...

CVE-2024-50307

Use of potentially dangerous function issue exists in Chatwork Desktop Application Windows versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed ...

CVE-2024-50307

CVE-2024-50307 affects Chatwork Desktop Application (Windows) before 2.9.2. The vulnerability arises from use of a potentially dangerous function (CWE-676) that can be exploited when a user clicks a specially crafted link, allowing an arbitrary file to be downloaded from an external site and exec...

CVE-2024-50307

Use of potentially dangerous function issue exists in Chatwork Desktop Application Windows versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed ...

JVN#78335885: Chatwork Desktop Application (Windows) uses a potentially dangerous function

Chatwork Desktop Application Windows provided by kubell Co., Ltd. contains an issue with use of potentially dangerous function CWE-676, which allows a user to access an external website via a link in the application. Impact If a user clicks a specially crafted link in the application, an arbitrar...

Microsoft Exchange ApprovedApplication Exposed Dangerous Method NTLM Relay Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the ApprovedApplication class. The issue results from an exposed dangerous method. An...

CVE-2024-38434 Unitronics Vision PLC - CWE-676: Use of Potentially Dangerous Function

Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass...