
5353 matches found

CNVD
added 2021/10/27 12:0 a.m. | 29 views

Adobe XMP Toolkit SDK Stack Buffer Overflow Vulnerability (CNVD-2021-91982)

Adobe XMP Toolkit SDK is a tagging technology from Adobe that allows you to embed data about a file, called metadata, into the file itself. Adobe XMP Toolkit SDK 2021.07 and earlier versions are vulnerable to a stack buffer overflow. An attacker could exploit this vulnerability to execute arbitrary...

CVSS 9.3 | AI score 5.8 | EPSS 0.03559
Exploits: 0 | References: 1

CNVD
added 2021/10/27 12:0 a.m. | 21 views

Adobe Animate null pointer dereference vulnerability

Adobe Animate is a multimedia creation and computer animation program. Adobe Animate 21.0.9 and earlier versions are vulnerable to a null pointer dereference. An attacker can exploit this vulnerability to execute arbitrary code...

CVSS 5.5 | AI score 6.5 | EPSS 0.0183
Exploits: 0 | References: 1

Check Point Advisories
added 2021/10/10 12:0 a.m. | 4 views

Pear Admin Think Arbitrary File Upload (CVE-2021-29377)

An arbitrary file upload vulnerability exists in Pear Admin Think. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 | AI score 9.4 | EPSS 0.01603
Exploits: 1

NVD
added 2021/10/08 12:15 a.m. | 9 views

CVE-2021-25270

A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901...

CVSS 7.2 | EPSS 0.00256
Exploits: 0 | References: 1

CNVD
added 2021/10/08 12:0 a.m. | 11 views

FATEK Automation WinProladder Buffer Overflow Vulnerability (CNVD-2021-83604)

FATEK Automation WinProladder is a PLC from FATEK Automation in China. FATEK Automation WinProladder is affected by a buffer overflow vulnerability, which can be exploited by attackers to execute arbitrary code...

CVSS 6.8 | AI score 6.6 | EPSS 0.00973
Exploits: 0 | Affected Software: 1

CNVD
added 2021/10/08 12:0 a.m. | 16 views

FATEK Automation WinProladder Out-of-Bounds Writing Vulnerability (CNVD-2021-83606)

FATEK Automation WinProladder is a PLC from FATEK Automation in China. An out-of-bounds write vulnerability exists in FATEK Automation WinProladder, which can be exploited by attackers to execute arbitrary code...

CVSS 6.8 | AI score 6 | EPSS 0.00912
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2021/09/30 12:44 p.m. | 73 views

Security Bulletin: Vulnerabilities in IBM Java Runtime and libxml2 affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary: There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition Version 8, as well as a vulnerability in GNOME libxml2 version 2.7.8. Both components are used by Tivoli Netcool/OMNIbus. The JRE vulnerability was disclosed as part of the IBM Java SDK updates in April 2021. Th...

CVSS 8.8 | AI score 8.1 | EPSS 0.03653
Exploits: 0 | Affected Software: 1

CNVD
added 2021/09/29 12:0 a.m. | 14 views

Irfanview Buffer Overflow Vulnerability (CNVD-2021-76098)

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

CVSS 7.8 | AI score 6.8 | EPSS 0.00969
Exploits: 0 | References: 1

NCSC
added 2021/09/29 12:0 a.m. | 3 views

Vulnerability fixed in ArcSight Enterprise Security Manager

Micro Focus has fixed a vulnerability in ArcSight Enterprise Security Manager (ESM). An authenticated, malicious remote user could potentially exploit the vulnerability to execute arbitrary code under the application's privileges. Micro Focus shared few technical details...

CVSS 9.8 | AI score 7.5 | EPSS 0.02014
Exploits: 0

NVD
added 2021/09/28 4:15 p.m. | 15 views

CVE-2021-29363

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

CVSS 7.8 | EPSS 0.00969
Exploits: 0 | References: 1

Prion
added 2021/09/28 4:15 p.m. | 13 views

Buffer overflow

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

CVSS 6.8 | AI score 7.9 | EPSS 0.00969
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/09/28 3:27 p.m. | 13 views

CVE-2021-29362

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

AI score 8.1 | EPSS 0.00969
Exploits: 0 | References: 1

OpenVAS
added 2021/09/28 12:0 a.m. | 36 views

Ubuntu: Security Advisory (USN-5090-1)

The remote host is missing an update for the...

CVSS 9.8 | AI score 9.3 | EPSS 0.99999
Exploits: 6 | References: 4

Check Point Advisories
added 2021/09/26 12:0 a.m. | 0 views

Voting System Project Arbitrary File Upload

A remote code execution vulnerability exists in Voting. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score 8.2
Exploits: 0

OpenVAS
added 2021/09/24 12:0 a.m. | 36 views

Ubuntu: Security Advisory (USN-5088-1)

The remote host is missing an update for the...

CVSS 8.1 | AI score 7.8 | EPSS 0.50732
Exploits: 1 | References: 2

Ubuntu
added 2021/09/21 11:41 a.m. | 102 views

USN-5084-1: LibTIFF vulnerability

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

CVSS 6.5 | AI score 7 | EPSS 0.01409
Exploits: 0

Github Security Blog
added 2021/09/20 8:45 p.m. | 43 views

Remote code execution in UReport

An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code...

CVSS 9.8 | AI score 9.4 | EPSS 0.01724
Exploits: 1 | References: 3 | Affected Software: 1

Debian CVE
added 2021/09/20 3:26 p.m. | 21 views

CVE-2021-32268

Buffer overflow vulnerability in function gffprintf in osfile.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1...

CVSS 7.8 | AI score 8.2 | EPSS 0.01222
Exploits: 1

OSV
added 2021/09/15 10:15 p.m. | 16 views

CVE-2020-21322

An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 9.8 | AI score 7.7
Exploits: 0 | References: 1

NVD
added 2021/09/15 10:15 p.m. | 7 views

CVE-2020-21481

An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file...

CVSS 7.2 | EPSS 0.01598
Exploits: 1 | References: 1