335 matches found

Tenable Nessus
added 2025/04/08 12:0 a.m. | 21 views

Security Updates for Microsoft Excel Products (April 2025)

The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...

7.8 CVSS | 8.1 AI score | 0.01391 EPSS
Exploits: 4 | References: 4

CVE
added 2025/03/24 4:32 p.m. | 60 views

CVE-2025-0255

CVE-2025-0255 affects HCL DevOps Deploy / HCL Launch. The vulnerability is a command-injection flaw where a remote, authenticated attacker could execute arbitrary commands by sending specially crafted input containing special elements. Evidence from multiple sources confirms the core vulnerabilit...

7.2 CVSS | 7.8 AI score | 0.00603 EPSS
Exploits: 0 | References: 1 | Affected Software: 2

OSV
added 2025/03/23 3:1 p.m. | 7 views

OPENSUSE-SU-2025:0101-1 Security update for radare2

This update for radare2 fixes the following issues: - CVE-2025-1864: Fix buffer overflow and potential code execution. boo1238451 - CVE-2025-1744: Fix heap-based buffer over-read or buffer overflow. boo1238075...

10 CVSS | 7.7 AI score | 0.00451 EPSS
Exploits: 0 | References: 5

Tenable Nessus
added 2025/03/13 12:0 a.m. | 41 views

Security Updates for Microsoft Office Products (March 2025)

The Microsoft Office Products are missing security updates. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...

7.8 CVSS | 8.1 AI score | 0.00221 EPSS
Exploits: 0 | References: 5

Tenable Nessus
added 2025/03/11 12:0 a.m. | 29 views

Security Updates for Microsoft Excel Products (March 2025)

The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...

7.8 CVSS | 8.1 AI score | 0.00209 EPSS
Exploits: 0 | References: 4

RedhatCVE
added 2025/02/05 7:49 p.m. | 9 views

CVE-2022-40677

An improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows an attacker to execute unauthorized code...

8.8 CVSS | 7.4 AI score | 0.00985 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/04 11:30 p.m. | 9 views

CVE-2024-39784

Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A command...

9.1 CVSS | 7.6 AI score | 0.0058 EPSS
Exploits: 1 | References: 1

CVE
added 2025/01/14 2:20 p.m. | 59 views

CVE-2024-39784

CVE-2024-39784 is a confirmed command-injection vulnerability in Wavlink AC3000, affecting the NAS CGI (nas.cgi) add_dir() function. Talos reports the flaw resides in processing of the disk_part POST parameter (and related adddir_name in a parallel CVE-2024-39785 path), enabling arbitrary shell c...

9.1 CVSS | 7.7 AI score | 0.0058 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2024/12/18 6:15 a.m. | 11 views

CVE-2024-21546

Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution (RCE) through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...

9.3 CVSS | 7.6 AI score
Exploits: 0 | References: 3

OSV
added 2023/11/24 4:10 p.m. | 7 views

SUSE-SU-2023:4561-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.42.2 bsc1217210: - CVE-2023-41983: Processing web content may lead to a denial-of-service. - CVE-2023-42852: Processing web content may lead to arbitrary code execution. Already previously fixed: - CVE-2022-32919: Visitin...

8.8 CVSS | 6.8 AI score | 0.02171 EPSS
Exploits: 0 | References: 9

Positive Technologies
added 2023/06/27 12:0 a.m. | 2 views

PT-2023-22125 · Unknown · Pskernel.Dll

Name of the Vulnerable Software and Affected Versions: pskernel.dll (affected versions not specified). Description: A maliciously crafted file consumed through the pskernel.dll file could lead to memory corruption issues. These issues, in conjunction with other issues, could lead to code execution i...

7.8 CVSS | 7.8 AI score | 0.00077 EPSS
Exploits: 0 | References: 5

Vulnrichment
added 2023/02/21 12:0 a.m. | 6 views

CVE-2023-24081

Multiple stored cross-site scripting (XSS) vulnerabilities in Redrock Software TutorTrac before v4.2.170210 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the reason and location fields of the visits listing page...

5.5 AI score | 0.00267 EPSS
Exploits: 1 | References: 3

OSV
added 2023/01/26 5:30 p.m. | 7 views

SUSE-SU-2023:0169-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-23824: Fixed multiple speculative execution issues bnc1205209. Non-security fixes: - Updated to version 4.16.3 bsc1027519...

5.5 CVSS | 6 AI score | 0.00042 EPSS
Exploits: 0 | References: 4

Vulnrichment
added 2022/12/23 11:3 p.m. | 5 views

CVE-2022-43602

Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability...

8.1 CVSS | 8.4 AI score | 0.01363 EPSS
Exploits: 1 | References: 3

Vulnrichment
added 2022/12/23 11:3 p.m. | 5 views

CVE-2022-43599

Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities. This vulnerability...

8.1 CVSS | 8.4 AI score | 0.0172 EPSS
Exploits: 1 | References: 3

OSV
added 2022/10/04 9:13 a.m. | 4 views

SUSE-SU-2022:3502-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 bsc1203530: - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution...

8.8 CVSS | 8.8 AI score | 0.02338 EPSS
Exploits: 0 | References: 4

OSV
added 2022/10/03 12:57 p.m. | 4 views

SUSE-SU-2022:3492-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 bsc1203530: - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution...

8.8 CVSS | 8.8 AI score | 0.02338 EPSS
Exploits: 0 | References: 4

OSV
added 2022/06/15 9:43 a.m. | 7 views

SUSE-SU-2022:2089-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.36.3 bsc1200106 - CVE-2022-30293: Fixed heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer bsc1199287. - CVE-2022-26700: Fixed memory corruption issue that may lead to code execution when processi...

8.8 CVSS | 8.8 AI score | 0.00937 EPSS
Exploits: 1 | References: 9

Vulnrichment
added 2022/04/18 4:56 p.m. | 3 views

CVE-2020-35631

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...

10 CVSS | 8.9 AI score | 0.00529 EPSS
Exploits: 1 | References: 3

Vulnrichment
added 2022/04/18 4:56 p.m. | 6 views

CVE-2020-28634

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...

10 CVSS | 8.9 AI score | 0.00682 EPSS
Exploits: 1 | References: 3