SUSE SLES11 Security Update : cpio (SUSE-SU-2021:14777-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14777-1 advisory. - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that...

CVE-2020-20979

An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...

CVE-2020-20979

An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...

Memory corruption

Parsers in the open source project RCDCAP before 1.0.5 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via specially crafted packets...

CVE-2020-21359

An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name...

CVE-2020-21359

An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name...

CVE-2021-32439

Buffer overflow in the stblAppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file...

KLA12252 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corruption...

The vulnerability of DIAScreen software for programmable logic controllers arises from buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the software for programmable logic controllers DIAScreen arises from buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code write-off memory boundaries...

Jeecg-boot CMS Arbitrary File Upload Vulnerability

Jeecg-Boot is an intelligent development platform based on code generator. Jeecg-boot CMS version 2.3 of /jeecg-boot/sys/common/upload is vulnerable to arbitrary file upload, which can be exploited by attackers to execute arbitrary code...

CVE-2020-28088

An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code...

CVE-2020-28088

An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code...

CVE-2021-1609 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service DoS condition Execute arbitrary commands For more...

CVE-2021-34845

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-19303

An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file...

CVE-2020-19303

An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file...

SourceCodester Learning Management System File Upload Vulnerability

SourceCodester Learning Management System is an online learning management system from SourceCodester, Inc. in the United States. A file upload vulnerability exists in SourceCodester Learning Management System, which can be exploited by an attacker to execute arbitrary code...

CVE-2021-25200

Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\studentavatar.php...

Delta Electronics DIAScreen Type Obfuscation Vulnerability

A security vulnerability exists in Delta Electronics DIAScreen, a smartphone builder from Delta Electronics, Taiwan, China, which stems from the fact that DIAScreen is susceptible to type obfuscation and can be exploited by attackers to The vulnerability can be exploited to remotely execute...

Foxit PDF Reader has a use-after-release vulnerability

Foxit PDF Reader is a PDF reader. Foxit PDF Reader is vulnerable to a post-release exploit that could be used by remote attackers to execute arbitrary code on the target system...