Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-15416)

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation. An attacker can exploit this vulnerability to execute code in the context of the current process...

Siemens JT Open and JT Utilitiesh Memory Corruption Vulnerability

JT Open Toolkit is an application programming interface API for software developers who support JT, a publicly released data format developed by Siemens Digital Industry Software and widely used for communication, visualization, digital modeling, and various other purposes.Siemens JT Open and JT...

SUSE CVE-2004-0109

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry...

SUSE CVE-2005-0227

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

SUSE CVE-2007-4631

The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames...

SUSE CVE-2008-4190

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the 1 ipseclive.conn and 2 ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream...

SUSE CVE-2010-0297

Buffer overflow in the usbhosthandlecontrol function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service guest OS crash or hang or possibly execute arbitrary code on the host OS via a crafted USB packet...

SUSE CVE-2010-1447

The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...

SUSE CVE-2012-0806

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...

SUSE CVE-2014-4877

Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the...

SUSE CVE-2014-8097

The DBE extension in X.Org X Window System aka X11 or X X11R6.1 and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index value to the 1...

SUSE CVE-2015-8770

Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...

SUSE CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

SUSE CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVE-2022-47936

A vulnerability has been identified in JT Open All versions V11.2.3.0, JT Utilities All versions V13.2.3.0, Parasolid V34.0 All versions V34.0.252, Parasolid V34.1 All versions V34.1.242, Parasolid V35.0 All versions V35.0.170, Parasolid V35.1 All versions V35.1.150. The affected application...

CVE-2023-24990

A vulnerability has been identified in Tecnomatix Plant Simulation All versions V2201.0006. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the...

Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09643)

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...

Siemens Solid Edge Out-of-Bounds Writing Vulnerability (CNVD-2023-09638)

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds write vulnerability that could be exploited to execute code in the context of the current process...

Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09639)

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...

Siemens Solid Edge Uninitialized Pointer Access Vulnerability

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an uninitialized pointer access vulnerability that could be exploited to execute code in the context of the current process...