Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13054)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited to execute arbitrary...
CVE-2022-22929
MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...
LSN-0084-1: Kernel Live Patch Security Notice
William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary...
Ubuntu: Security Advisory (USN-5241-1)
The remote host is missing an update for the...
USN-5210-2: Linux kernel regression | Cloud Foundry
Severity: Unknown. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 18.04. Description: USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization (SEV) enabled...
USN-5241-1: QtSvg vulnerabilities
It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary co...
Design/Logic Flaw
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...
Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-42013)
Summary: IBM Rational Build Forge version 8.0.x is affected by CVE-2021-42013. Vulnerability Details: CVEID: CVE-2021-42013. DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system caused by a path traversal vulnerability related to an incomplete fix for...
Adobe Acrobat Reader DC buffer overflow vulnerability
Acrobat Reader DC is an excellent PDF file reader developed by the U.S. company Adobe. Adobe Acrobat Reader DC has a buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary code in the context of the current user...
CVE-2021-36417
A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which can cause a denial of service or execute arbitrary code via a crafted file...
USN-5217-1: Linux kernel (OEM) vulnerabilities
It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) It was discovered that the eBPF implementation in th...
CVE-2021-36414
A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file...
CVE-2021-45980
Foxit PDF Reader and PDF Editor for macOS are affected by CVE-2021-45980 (pre-11.1). The vulnerability allows remote code execution through the getURL function in the JavaScript API. Exploitation details are not expanded beyond the remote code execution vector in the sources, so practical exploit...
EulerOS Virtualization 3.0.2.0 : libX11 (EulerOS-SA-2021-2839)
According to the versions of the libX11 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...
Security Bulletin: IBM Storage Support for Microsoft Volume Shadow Copy Service (VSS) and Virtual Disk Service (VDS) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)
Summary: A vulnerability was identified within the Apache Log4j library that is used by IBM Storage Support for Microsoft Volume Shadow Copy Service (VSS) and Virtual Disk Service (VDS) for IBM Spectrum Virtualize family and IBM DS8000 family storage systems. This vulnerability has been addressed...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Copy Data Management (CVE-2021-44228)
Summary: A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect the Help system in IBM Spectrum Copy Data Management. Vulnerability Details: CVEID: CVE-2021-44228. DESCRIPTION: Apache Log4j could allow a remote attacker to execut...
Adobe Premiere Rush Code Execution Vulnerability (CNVD-2021-101126)
Adobe Premiere Rush is a cross-platform video editing software from Adobe. Adobe Premiere Rush has a security vulnerability that could be exploited by attackers to execute arbitrary code on the system...
Adobe Premiere Rush Code Execution Vulnerability (CNVD-2021-101116)
Adobe Premiere Rush is a cross-platform video editing software from Adobe. Adobe Premiere Rush has a security vulnerability that could be exploited by attackers to execute arbitrary code on the system...
Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing technology allows applications running at different times to communicate on heterogeneous networks and systems that are temporarily offline. An information disclosure vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to execut...
KLA12382 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability in ANGLE can be exploited to...