5334 matches found
Ubuntu: Security Advisory (USN-5323-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
Summary Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. CSM version 6.3.2 ships the latest library available 2.17.1. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could...
Tenda AX1806 Stack Overflow Vulnerability
Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. Tenda AX1806 is vulnerable to a stack overflow vulnerability, which allows remote attackers to submit special requests that could crash an application or execute arbitrary code in application context...
CVE-2022-26846
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code...
KLA12481 Multiple vulnerabilities in Microsoft System Center
Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Defender for IoT c...
GHSA-QWH6-XWJ4-9CJG Remote code execution in net.mingsoft:ms-mcms
net.mingsoft:ms-mcms =5.2.5 is affected by: RCE. The impact is: execute arbitrary code remote. The attack vector is: $"freemarker.template.utility.Execute"?new"calc". ¶¶ MCMS has a pre-auth RCE vulnerability through which allows unauthenticated attacker with network access via http to compromise...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
KLA12482 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in ANGLE can be exploited to cause...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
CVE-2021-23206
A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parsetable in ps-pdf.cxx may lead to execute arbitrary code and denial of service...
CVE-2021-41193
Wire-AVS (the AVS component of Wire) is affected by a remote format string vulnerability in versions before 7.1.12. The issue can lead to denial of service or potentially arbitrary code execution. A fix is available in wire-avs 7.1.12 and has been integrated into Wire products. Connected sources ...
CVE-2022-26149
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator...
CVE-2021-3700
CVE-2021-3700 affects usbredir: use-after-free in usbredirparser_serialize() within usbredirparser.c for versions prior to 0.11.0. Impact described as possible denial of service and potentially arbitrary code execution. Remediation present in multiple advisories: upgrade usbredir to a newer relea...
CVE-2022-25073
TL-WR841Nv14US0.9.14.18 routers were discovered to contain a stack overflow in the function dmfillObjByStr. This vulnerability allows unauthenticated attackers to execute arbitrary code...
CVE-2022-24356
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2021-46631
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-46642
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-46036
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...