Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy. The vulnerabilities include hard-coded cryptographic keys, improper processing of OS commands, and out-of-bounds write and read errors. Attackers can exploit these vulnerabilities to gain...

Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows...

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious person could exploit the vulnerabilities to bypass a security measure, impersonate another user, access sensitive data or execute arbitrary code in the victim's context. Successful exploitation requires the malicious part...

CVE-2024-21758

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections...

CVE-2024-26012

CVE-2024-26012: Fortinet FortiAP family devices are affected by an OS command injection vulnerability due to improper neutralization of special elements in commands. A local authenticated attacker could execute unauthorized code via the CLI. Affected products and versions include FortiAP-S: 6.2 (...

Arbitrary File Inclusion (AFI)

nesbot/carbon is vulnerable to Arbitrary File Inclusion AFI. The vulnerability is due to unsanitized user input passed to Carbon::setLocale, which allows attackers to upload files with a .php extension in a folder that can be included or required by the application, potentially executing arbitrar...

ROS-20250114-12

A vulnerability in the implementation of the Zstandard compression method of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code provided that a user opens a specially generated archive. by a user opening a special...

CVE-2024-57761

An arbitrary file upload vulnerability in the parserXML method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file...

Student Grading System SQL Injection Vulnerability (CNVD-2025-03172)

Student Grading System is a student grading system. A SQL injection vulnerability exists in Student Grading System version 1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of the file /viewstudents.php. An attacker can exploit this vulnerability ...

Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the System Speedup...

Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

PT-2025-1022 · Cisco · Cisco Common Services Platform Collector

Name of the Vulnerable Software and Affected Versions: Cisco Common Services Platform Collector CSPC affected versions not specified Description: A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to...

Malicious code in jpl-branding (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 824ee6168e9d4e1ba52afc1563863a7b79255495e7975e54013eddac8de94875 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

REDAXO CMS Cross-site Scripting vulnerability

A stored cross-site scripting XSS vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the password parameter...

CVE-2024-55078

An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0-JAVA v11.3.3 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-12753

Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

CVE-2024-54181

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system...

Arbitrary Code Execution

Jinja is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper handling in the compiler caused by a bug that allows an attacker controlling both the content and filename of a template to execute arbitrary Python code, regardless of whether Jinja's sandbox is used...

AZL-55419 CVE-2024-56718 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. So it is need to hold a reference before shedule link down work...

CVE-2024-56718 net/smc: protect link down work from execute after lgr freed

In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. So it is need to hold a reference before shedule link down work...