4202 matches found
CVE-2023-46870
extcap/nrfsnifferble.py, extcap/nrfsnifferble.sh, extcap/SnifferAPI/.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts...
CVE-2023-31039
Security vulnerability in Apache bRPC = 1.5.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.5.0/ https://dist.apache.org/repos/dist/release/brpc/1.5.0/ 2. If you are using an old version of bRPC and hard to upgrade, you can apply this patch:...
Microsoft Outlook Code Execution Vulnerability (CNVD-2026-00044)
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A code execution vulnerability exists in Microsoft Outlook, which can be exploited by an attacker to execute arbitrary code on a system...
tbb security update
An update is available for tbb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Threading Building Blocks TBB is a C++ runtime library that abstracts the low-lev...
CVE-2025-21198
Microsoft High Performance Compute HPC Pack Remote Code Execution Vulnerability...
CVE-2025-0910
CVE-2025-0910 concerns PDF-XChange Editor. The U3D file parsing module contains an input validation flaw that can allow a write past the end of an allocated object, leading to remote code execution in the context of the affected process. The vulnerability requires user interaction (visiting a mal...
CVE-2025-21371
Windows Telephony Service Remote Code Execution Vulnerability...
CVE-2025-21201
Windows Telephony Server Remote Code Execution Vulnerability...
CVE-2025-21400 Microsoft SharePoint Server Remote Code Execution Vulnerability
...
CVE-2025-21371
CVE-2025-21371 is a remote code execution vulnerability in Windows Telephony Service. Connected documents identify the affected component as Windows Telephony Service and annotate the CVE with a high severity (CVSS v3.1: 8.8, NETWORK attack, no privileges required, user interaction required, C/H/...
CVE-2025-21407 Windows Telephony Service Remote Code Execution Vulnerability
...
CVE-2025-21369 Microsoft Digest Authentication Remote Code Execution Vulnerability
...
Moderate: Red Hat Security Advisory: gcc-toolset-14-gcc security update
An update for gcc-toolset-14-gcc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
PT-2025-28684 · Irfanview · Irfanview +1
Name of the Vulnerable Software and Affected Versions: IrfanView CADImage Plugin affected versions not specified Description: The IrfanView CADImage plugin contains a memory corruption flaw related to parsing DWG files. Successful exploitation of this issue could allow an attacker to execute...
Microsoft Office 资源管理错误漏洞
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...
KB5051974: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (February 2025)
The remote Windows host is missing security update 5051974. It is, therefore, affected by multiple vulnerabilities - Windows Telephony Service Remote Code Execution Vulnerability CVE-2025-21190, CVE-2025-21200, CVE-2025-21371, CVE-2025-21406, CVE-2025-21407 - Microsoft Digest Authentication Remot...
Security Updates for Microsoft Office Online Server (February 2025)
The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Moderate: doxygen security update
Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...
CVE-2024-57407
An arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows attackers to execute arbitrary code via uploading a crafted file...
Moderate: Red Hat Security Advisory: tbb security update
An update for tbb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...