
5836 matches found

RedhatCVE
added 2025/02/06 12:44 a.m. | 8 views

CVE-2022-3379

Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer...

CVSS 7.8 | AI score 7.6 | EPSS 0.00231
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 9:34 p.m. | 15 views

CVE-2022-2502

A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’ which must ...

CVSS 7.5 | AI score 7.1 | EPSS 0.0054
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 8:48 p.m. | 16 views

CVE-2022-28684

This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation of...

CVSS 8.8 | AI score 7.4 | EPSS 0.02494
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 7:49 p.m. | 13 views

CVE-2022-40651

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVSS 7.8 | AI score 6.8 | EPSS 0.00693
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 7:45 p.m. | 11 views

CVE-2022-40644

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVSS 7.8 | AI score 6.8 | EPSS 0.00498
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 5:3 p.m. | 5 views

CVE-2019-13322

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVSS 8.8 | AI score 6.9 | EPSS 0.02554
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 4:56 p.m. | 8 views

CVE-2019-17136

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 6.8 | EPSS 0.05333
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 3:20 p.m. | 14 views

CVE-2020-10910

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 6.9 | EPSS 0.04787
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 1:18 p.m. | 14 views

CVE-2020-8860

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O8.x, P9.0, Q10.0 devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The...

CVSS 8 | AI score 7.2 | EPSS 0.00714
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 10:18 a.m. | 9 views

CVE-2024-12212

The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures, resulting in execution of arbitrary code...

CVSS 8.5 | AI score 7.1 | EPSS 0.00205
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 3:14 a.m. | 7 views

CVE-2024-51550

Data Validation / Data Sanitization vulnerabilities in Linux allow unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

CVSS 10 | AI score 7 | EPSS 0.01789
Exploits: 4 | References: 1

BDU FSTEC
added 2025/02/05 12:0 a.m. | 4 views

The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the Framework component in Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.8 | AI score 5.5
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/02/05 12:0 a.m. | 3 views

The vulnerability of Android operating systems, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of Android operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.8 | AI score 5.5
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/02/05 12:0 a.m. | 2 views

The vulnerability of Android operating systems, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of Android operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.8 | AI score 5.5
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/02/05 12:0 a.m. | 2 views

The vulnerability of Android operating systems, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of Android operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.8 | AI score 5.5
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2025/02/04 10:15 p.m. | 10 views

CVE-2023-39943 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium Out-of-bounds Write

In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200, the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the...

CVSS 8.4 | AI score 7.8 | EPSS 0.00196
Exploits: 0 | References: 1

BDU FSTEC
added 2025/02/03 12:0 a.m. | 2 views

The vulnerability of the PowerDNS Recursor DNS server, related to insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of the PowerDNS Recursor DNS server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 7.8 | AI score 5.5 | EPSS 0.00703
Exploits: 0 | References: 5 | Affected Software: 2

CNNVD
added 2025/01/31 12:0 a.m. | 3 views

ChargePoint Home Flex Buffer Error Vulnerability

ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of user-supplied data, which could result in writes beyond the end of the allocated buffer. An...

CVSS 8.8 | AI score 6.9 | EPSS 0.00456
Exploits: 0 | References: 2

BDU FSTEC
added 2025/01/21 12:0 a.m. | 2 views

The vulnerability of the module responsible for processing URL addresses of medical image and data management systems, such as Sante PACS Server PG, allows a hacker to trigger a service failure.

The vulnerability of the URL parsing module of the Sante PACS Server PG system is related to insufficient data validation during URL parsing. Exploiting this vulnerability could allow an attacker to cause service interruptions...

CVSS 8.5 | AI score 7.5 | EPSS 0.00811
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2025/01/21 12:0 a.m. | 16 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2025:0018-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0018-1 advisory. - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate...

CVSS 8.8 | AI score 7 | EPSS 0.05892
Exploits: 11 | References: 28