Adobe Premiere Elements Memory Buffer Out-of-Bounds Access Vulnerability (CNVD-2021-91991)

Adobe Premiere Elements is a video editing software application from Adobe. Adobe Premiere Elements 2021 build 19.0 and earlier versions are vulnerable to a memory buffer out-of-bounds access vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Animate 资源管理错误漏洞

Adobe Animate, a multimedia creation and computer animation program, is vulnerable to a post-release reuse vulnerability in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

The vulnerability of the Windows Graphics component of the Windows operating system, related to errors in code generation, allows a hacker to execute arbitrary code.

The vulnerability of the Windows Graphics component of the Windows operating system is related to errors in code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Heap overflow

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...

IBM Cognos Analytics Remote Code Execution Vulnerability

A remote code execution vulnerability exists in IBM Cognos Analytics version 11.1.7, 11.2.0, a suite of business intelligence software from IBM Corporation that provides valuable information, secure data governance, and reporting. The vulnerability stems from incorrect neutralization of...

Important: httpd24

Issue Overview: A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity. CVE-2021-33193 A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threa...

Vulnerabilities fixed in Adobe Connect

Adobe has fixed two vulnerabilities in Adobe Connect. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit them to execute arbitrary code with permissions of the application. Adobe has released updates to fix the vulnerabilities in Connect 11.2.3. For mo...

CVE-2021-38460

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries...

CVE-2021-38454

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries...

IR615 Router authorization issue vulnerability

The IR615 Router is a 4G industrial router from Rimu Technologies of China. The IR615 Router is vulnerable to an authorization issue that could be exploited by an attacker to take full control of the product and execute code on the internal network to which the product is connected...

Information disclosure

A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts completely the...

CVE-2021-34775

Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...

Siemens Solid Edge Viewer OBJ File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2021-40708

Adobe Genuine Service versions 7.3 and earlier are affected by a privilege escalation vulnerability in the AGSService installer. An authenticated attacker could leverage this vulnerability to achieve read / write privileges to execute arbitrary code. User interaction is required to abuse this...

VMWare vCenter Server Arbitrary File Upload (CVE-2021-22005)

An arbitrary file upload vulnerability exists in VMWare vCenter Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

VMware vCenter Server File Upload Vulnerability

Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. vCenter Server is vulnerable to a...

CVE-2021-22005

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file...

FAAD2 Heap Buffer Overflow Vulnerability

Freeware Advanced Audio Decoder 2 FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. ltprediction function in ltpredict.c in FAAD2 2.10.0 and earlier versions is vulnerable to a heap buffer overflow vulnerability. An attacker could exploit this vulnerability t...

VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server

VMware on Tuesday published a new bulletin warning of as many as 19 vulnerabilities in vCenter Server and Cloud Foundation appliances that a remote attacker could exploit to take control of an affected system. The most urgent among them is an arbitrary file upload vulnerability in the Analytics...

VMware vCenter Server Appliance Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware vCenter Server Appliance. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...