Deserialization of untrusted data

The Auto Refresh Single Page plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1 via deserialization of untrusted input from the arspoptions post meta option. This makes it possible for authenticated attackers, with contributor-level access and...

PT-2024-18746 · Samsung · Samsung Internet

Name of the Vulnerable Software and Affected Versions: Samsung Internet versions prior to 24.0.3.2 Description: The issue is related to an improper validation vulnerability that allows local attackers to execute arbitrary code. This vulnerability can be exploited by local attackers...

PT-2024-15361 · Dell · Dell Digital Delivery

Name of the Vulnerable Software and Affected Versions: Dell Digital Delivery versions prior to 5.2.0.0 Description: The issue is a Use After Free Vulnerability that could be exploited by a local low privileged attacker, potentially leading to application crash or execution of arbitrary code...

SumatraPDF 3.5.2 DLL Hijacking

SumatraPDF 3.5.2 DLL Hijack Exploit Title: Sumatra PDF 3.5.2 DLL Hijack Date: 03.03.2024 Exploit Author: Krishna Vamshi Katta Rokkaiah Vendor Homepage: https://www.sumatrapdfreader.org/free-pdf-reader Software Link: https://www.sumatrapdfreader.org/download-free-pdf-viewer Version: 3.5.2 Tested o...

CVE-2022-23092

The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve gue...

Code injection

A vulnerability has been identified in Polarion ALM All versions. The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code...

Brooklyn <= 4.9.7.6 - PHP Object Injection

Description The brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.7.6 via deserialization of untrusted input from an unknown parameter. This makes it possible for authenticated attackers, with subscriber access and above, to inject a PHP...

CVE-2023-41276 QTS, QuTS hero, QuTScloud

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

CVE-2023-41276

CVE-2023-41276 describes a buffer copy without input size validation that affects multiple QNAP OS lines. Affected products include QTS, QuTS hero, and QuTScloud. The underlying issue allows an authenticated administrator to execute code over the network. Fixed in QTS 5.1.2.2533+ (build 20230926+...

PT-2024-1639 · Qnap · Qts +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTScloud versions prior to c5.1.5.2651 Description: A buffer copy without checking size of input vulnerability has been reported to affect...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is the U.S. Trend Micro Trend Micro company's suite of endpoint security protection software that provides automated threat detection and response capabilities. An elevation of privilege vulnerability exists in Trend Micro Apex One, which can be exploited by a local attacker ...

CloudLinux CageFS Security Vulnerability

CloudLinux CageFS is a virtualized file system and set of tools from CloudLinux. A security vulnerability exists in CloudLinux CageFS version 7.1.1-1 and prior versions. An attacker can exploit the vulnerability to view a list of processes and execute code as another user...

CVE-2023-6043

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges...

Siemens JT2Go and Teamcenter Visualization Buffer Overflow Vulnerability (CNVD-2024-01390)

JT2Go is a JT file viewer.Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios. A buffer overflow vulnerability exists in Siemens JT2Go and Teamcenter Visualization, which can be exploited by an attacker to execute code in the context of the...

Input validation

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

Input validation

IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the...

Vulnerability fixed in IBM Informix

IBM has fixed a vulnerability in the JDBC driver of Informix. A malicious person with rights to use the API could can exploit the vulnerability to execute arbitrary code execute code with permissions from the application using the JDBC driver. Because it cannot be estimated with what permissions...

CVE-2023-37329

A heap-based buffer overflow vulnerability was found in the PGS Blu-ray subtitle decoder within GStreamer when processing specific files. This issue could allow a malicious third party to crash the application and execute code by manipulating the heap. Mitigation Mitigation for this issue is eith...

Soledad < 8.4.2 - Unauthenticated PHP Object Injection

Description The Soledad theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 8.4.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable theme. If a...

PT-2023-9072 · Qnap · Quts Hero +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.0.1.2514 build 20230906 QTS versions prior to 5.1.2.2533 build 20230926 QuTS hero h versions prior to h5.0.1.2515 build 20230907 QuTS hero h versions prior to h5.1.2.2534 build 20230927 Description: A buffer copy witho...