1916 matches found
CVE-2022-38440
Adobe Dimension version 3.4.5 is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation...
Code injection
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers able to inject WLAN frames to corrupt a linked list and, in turn, potentially execute code...
Adobe Dimension out-of-bounds read vulnerability
Adobe Dimension is a suite of 2D and 3D compositing design tools from Adobe, Inc. An out-of-bounds read vulnerability exists in Adobe Dimension versions prior to 3.4.6. It occurs when parsing crafted files and could result in reading beyond the en...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2025-24459)
Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...
Dolibarr ERP/CRM Code Injection Vulnerability
Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the French Dolibarr Foundation. The system can be used to manage products, inventory, invoices, orders, etc. An access control error vulnerability exists in Dolibarr ERP/CRM 15.0....
CVE-2022-41851
A vulnerability has been identified in JTTK All versions V11.1.1.0, Simcenter Femap V2022.1 All versions V2022.1.3, Simcenter Femap V2022.2 All versions V2022.2.2. The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An...
TOTOLINK NR1800X setOpModeCfg buffer overflow vulnerability
TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China Gion Electronics TOTOLINK. Designed to provide fast and convenient deployment of NR fixed data services for homes and offices. TOTOLINK NR1800X V9.1.0u.6279B20210910 version is vulnerable to a buffer overflow vulnerability,...
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform Services Controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server...
PT-2022-26385 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...
CVE-2022-3256
A heap use-after-free vulnerability was found in vim's movemark function of the src/mark.c file. This issue occurs because vim uses freed memory when 'autocmd' changes the mark. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free th...
Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to execute code, cause the service to reload unexpectedly, or cause Cisco Discovery Protocol or LLDP database corrupti...
Orckestra C1 CMS Code Issue Vulnerability
C1 CMS is an open source web content management system (CMS) based on .NET. A deserialization vulnerability exists in versions of Orckestra C1 CMS prior to 6.13. An authenticated attacker can exploit this vulnerability to execute arbitrary code...
CVE-2022-3236
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older...
CVE-2022-3236
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older. Recent assessments: cbeek-r7 at September 06, 2024 6:10pm UTC reported: On September 5th 2024, CISA released a security bulletin highlighting the...
D-Link DIR-2150 Buffer Overflow Vulnerability
D-Link DIR-2150 is a wireless router device from D-Link. D-Link DIR-2150c is vulnerable to a buffer overflow, which can be exploited by attackers to execute code in the root context...
D-Link DIR-2150 Buffer Overflow Vulnerability (CNVD-2023-21662)
The D-Link DIR-2150 is a wireless router device from D-Link. The D-Link DIR-2150 is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to execute code in the root context...
D-Link DIR-2150 Operating System Command Injection Vulnerability
The D-Link DIR-2150 is a wireless router device from D-Link. The D-Link DIR-2150 is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to execute code in the router context...
Design/Logic Flaw
Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context...
CVE-2022-38412
Adobe Animate versions 21.0.11 and earlier and 22.0.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the contex...