1916 matches found
PT-2022-18063 · Apple · iOS +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.4, iOS versions prior to 15.5, iPadOS versions prior to 15.5. Description: A memory corruption issue was addressed with improved memory handling, which could allow a malicious application to execute arbitrary code with...
Foxit PDF Reader Doc Object Remote Code Execution Vulnerability (CNVD-2023-07881)
Foxit PDF Reader is a PDF reader from Foxit China. A remote code execution vulnerability exists in the Foxit PDF Reader Doc object, which can be exploited by attackers to execute code in the context of the current process...
CVE-2022-28243
Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...
CVE-2022-29655
An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Siemens JT2Go and Teamcenter Visualization Dual Release Vulnerability (CNVD-2022-36381)
Siemens JT2Go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. Siemens JT2Go and Teamcenter Visualization are vulnerable. The vulnerability can be exploited to...
CVE-2022-1616
A flaw was found in vim, which is vulnerable to a heap-buffer-overflow in the append_command function of src/ex_docmd.c. This flaw allows a specially crafted file to crash software, modify memory, or execute code when opened in vim...
CVE-2021-38433 RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...
EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-1624)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to t...
Improper Input Validation
Overview: org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Improper Input Validation. An attacker with read access and HTTP access to Jenkins master can insert data and execute arbitrary code on the server. Remediation: Upgrad...
CVE-2022-0354
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window...
Notable Path Traversal Vulnerability
Notable is a Markdown-based note-taking software with cross-platform support from the individual developers of Notable. A path traversal vulnerability exists in Notable-insiders that stems from incorrect validation of the file URI scheme. Hyperlinks pointing to SMB shares could lead to the...
Adobe Photoshop out-of-bounds write vulnerability (CNVD-2022-42168)
Adobe Photoshop is a set of image processing software from Adobe. Adobe Photoshop is vulnerable to an out-of-bounds write vulnerability. An attacker could exploit the vulnerability to execute code in the context of the current user...
Arbitrary file upload in Ghost
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file...
Samsung SMR Heap Buffer Overflow Vulnerability (CNVD-2022-63658)
Samsung SMR is a system patch package from South Korea's Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...
Samsung SMR Heap Buffer Overflow Vulnerability (CNVD-2022-63656)
Samsung SMR is a system patch package from South Korea's Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...
Samsung SMR Heap Buffer Overflow Vulnerability
Samsung SMR is a system patch package from South Korea's Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial of service (DoS)...
PT-2022-6708 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge (Chromium-based), affected versions not specified. Description: The issue is related to insufficient access controls in Microsoft Edge, allowing a remote attacker to bypass security restrictions, elevate privileges, or execute...
CVE-2022-27352
Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
Musical World v1 was discovered to contain an arbitrary file upload vulnerability via uploadedsongs.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...