Ubuntu: Security Advisory (USN-6897-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Ghostscript vulnerabilities (USN-6897-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6897-1 advisory. It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue t...

CVE-2024-40548

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-40546

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-40545

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

Security Bulletin: pdfmake vulnerability affect IBM Spectrum Control

Summary Vulnerability in pdfmake could allow a remote attacker to execute arbitrary code on the system, which could affect IBM Spectrum Control. CVE-2024-25180. Vulnerability Details CVEID:CVE-2024-25180 DESCRIPTION: pdfmake could allow a remote attacker to execute arbitrary code on the system,...

CVE-2024-40546

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-40548

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

Adobe Bridge Overflow Vulnerability

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from an overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system...

Foxit PDF Reader Memory Misreference Vulnerability (CNVD-2024-33843)

Foxit PDF Reader is China Foxit Foxit company a PDF reader. A memory misreference vulnerability exists in Foxit PDF Reader, which can be exploited by an attacker to execute arbitrary code...

CVE-2024-40545

CVE-2024-40545 affects PublicCMS v4.0.202302.e, with an arbitrary file upload vulnerability in the /admin/cmsWebFile/doUpload component that can allow arbitrary code execution through a crafted file. Public details show high impact (C/H/I/A) and are supported by multiple sources (NVD/CNA) with CV...

CVE-2024-40545

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-40550

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-40546

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-39069

An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack...

CVE-2024-38959

CVE-2024-38959 is a cross-site scripting vulnerability in Creativeitem Academy LMS Learning Management System v6.8.1 . The issue affects the handling of a string parameter , enabling a remote attacker to execute arbitrary code and access sensitive information . The description across multiple tru...

CVE-2024-26314

Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code...

CVE-2024-25088

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code...

CVE-2024-22106

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service DoS...

CVE-2024-39840

Factorio before 1.1.101 is affected. A crafted server map can trigger arbitrary code execution on clients by abusing certain Lua base module functions to execute bytecode and create fake objects. Affected component: Factorio server/client interaction via custom maps; root cause: Lua base module f...