CVE-2020-19199
A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin&f=save, which could let a remote malicious user execute arbitrary code...
Tenda AC11 Stack Buffer Overflow Vulnerability (CNVD-2021-33998)
The Tenda AC11 is an AC1200 dual-band Gigabit WiFi router. A stack buffer overflow vulnerability exists in /goform/setmac in the Tenda AC11 02.03.01.104CN and earlier firmware. An attacker can exploit this vulnerability to execute arbitrary code on the system via a specially crafted post request...
CVE-2021-31755
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request...
CVE-2021-31756
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get...
Stack overflow
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request...
Ubuntu: Security Advisory (USN-4934-1)
The remote host is missing an update for the...
EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2021-1788)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2image....
Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology
Summary: Multiple vulnerabilities in WebSphere Application Server traditional bundled with IBM Jazz Team Server based Applications affect the following products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team...
CVE-2020-18020
SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "userphone" parameter of a crafted HTTP request to the "admin.php" component...
CVE-2021-22660
CNCSoft-B versions 1.0.0.3 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code...
Server-side request forgery (SSRF)
A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installer...
Buffer overflow
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file...
CVE-2021-31254
CVE-2021-31254 describes a buffer overflow in GPAC’s MP4Box tenc_box_read function (GPAC 1.0.1). A crafted file with related invalid IV sizes can cause a denial of service or allow execution of arbitrary code. The vulnerability is tied to GPAC 1.0.1; no other product/version details are provided ...
CVE-2021-31255
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file...
Adobe Bridge out-of-bounds write vulnerability (CNVD-2021-30416)
Adobe Bridge is a free digital asset management application from Adobe. Adobe Bridge suffers from an out-of-bounds write vulnerability. An attacker could exploit the vulnerability to execute arbitrary code...
Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2021-30425)
Adobe Photoshop is image processing software from the American company Adobe. The software is mainly used for processing pictures. A buffer overflow vulnerability exists in Adobe Photoshop. An attacker can exploit this vulnerability to execute arbitrary code...
Adobe Bridge Memory Corruption Vulnerability (CNVD-2021-30418)
Adobe Bridge is a free digital asset management application from Adobe. A memory corruption vulnerability exists in Adobe Bridge. An attacker could exploit the vulnerability to execute arbitrary code...
Ubuntu: Security Advisory (USN-4909-1)
The remote host is missing an update for the...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4912-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4912-1 advisory. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some...