CVE-2022-43626

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVE-2022-28313

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...

CVE-2023-27246

An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted .htaccess file...

The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the PCL6 printer driver for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the PCL6 printer driver for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilties (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2022-43548. Angular is a JavaScript framework that extends HTML CVE-2020-7676. Logback is a logging library for Java CVE-2021-42550. Golang Go...

Adobe Substance 3D Stager Buffer Overflow Vulnerability (CNVD-2023-41876)

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. Adobe Substance 3D Stager suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Substance 3D Stager out-of-bounds write vulnerability (CNVD-2023-43897)

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. Adobe Substance 3D Stager suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Sql injection

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank parameter in the /dedestorycatalog.php endpoint...

Design/Logic Flaw

An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file...

CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

Ubuntu: Security Advisory (USN-5951-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA48571 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in...

CVE-2023-27853

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device...

CVE-2023-27164

An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md file...

CVE-2023-24282

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...

Ubuntu: Security Advisory (USN-5935-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5932-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LSN-0092-1: Kernel Live Patch Security Notice

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code.CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...