Cross site scripting

Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...

RHEL 7 : devtoolset-10-gcc (RHSA-2021:4039)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4039 advisory. The GNU Compiler Collection GCC is a portable compiler suite with support for various programming languages, including C, C++, and Fortran. The...

Nvidia vGPU Software Resource Management Error Vulnerability

Nvidia vGPU Software is a management software from Nvidia Corporation for providing GPU capabilities to virtual machines. NVIDIA vGPU software is vulnerable to a resource management error that could be exploited by attackers to execute arbitrary code that affects integrity and availability...

CVE-2021-26740

Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code...

CVE-2021-26740

Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code...

CVE-2020-26707

An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter...

Updated ffmpeg packages fix security vulnerability

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. CVE-2020-20446 FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service...

CVE-2020-22079

Stack-based buffer overflow in Tenda AC-10U AC1200 Router USAC10UV1.0RTLV15.03.06.48multiTDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg...

CVE-2020-22079

Stack-based buffer overflow in Tenda AC-10U AC1200 Router USAC10UV1.0RTLV15.03.06.48multiTDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg...

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code with the application's permissions. Google has not published substantive...

Adobe Animate out-of-bounds write vulnerability (CNVD-2021-84298)

Adobe Animate, a multimedia creation and computer animation program, is vulnerable to an out-of-bounds write vulnerability in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe XMP Toolkit SDK Stack Buffer Overflow Vulnerability (CNVD-2021-91982)

Adobe XMP Toolkit SDK is a tagging technology from Adobe that allows you to embed data about a file called metadata into the file itself.Adobe XMP Toolkit SDK 2021.07 and earlier versions are vulnerable to a stack buffer overflow. An attacker could exploit this vulnerability to execute arbitrary...

Adobe Animate null pointer dereference vulnerability

Adobe Animate, a multimedia creation and computer animation program, is vulnerable to a null pointer dereference in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe InDesign Buffer Overflow Vulnerability (CNVD-2021-85265)

Adobe InDesign is a desktop publishing DTP application from Adobe that is primarily used for typesetting and editing a variety of printed materials. A buffer overflow vulnerability exists in Adobe InDesign. An attacker can exploit this vulnerability to execute arbitrary code...

Pear Admin Think Arbitrary File Upload (CVE-2021-29377)

An arbitrary file upload vulnerability exists in Pear Admin Think. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVE-2021-25270

A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901...

FATEK Automation WinProladder Out-of-Bounds Writing Vulnerability (CNVD-2021-83606)

FATEK Automation WinProladder is a PLC from FATEK Automation in China.An out-of-bounds write vulnerability exists in FATEK Automation WinProladder, which can be exploited by attackers to execute arbitrary code...

FATEK Automation WinProladder Buffer Overflow Vulnerability (CNVD-2021-83604)

FATEK Automation WinProladder is a PLC from FATEK Automation in China.FATEK Automation WinProladder is vulnerable to a buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary code...

Security Bulletin: Vulnerabilities in IBM Java Runtime and libxml2 affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition Version 8, as well as a vulnerability in GNOME libxml2 version 2.7.8. Both components are used by Tivoli Netcool/OMNIbus. The JRE vulnerability was disclosed as part of the IBM Java SDK updates in April 2021. Th...

Irfanview Buffer Overflow Vulnerability (CNVD-2021-76098)

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...