Command Execution Vulnerability in RG-UAC 6000-E50 of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-34609)
The RG-UAC 6000-E50 is an online behavior management device. A command execution vulnerability exists in the RG-UAC 6000-E50 of Beijing StarNet Ruijie Network Technology Co. Ltd, which can be exploited by an attacker to gain control of a server...
Siemens JT Open and PLM Stack Buffer Overflow Vulnerability
The Siemens JT Open Toolkit (JTTK) is a C++ application programming interface (API) from Siemens, Germany. The PLM XML SDK is a lightweight, flexible mechanism for product data transfer. It supports an adapter-based approach to transform data from any source into an XML representation. A stack...
IBM WebSphere Application Server Code Execution Vulnerability (CNVD-2024-31485)
IBM WebSphere Application Server is an application server product from International Business Machines (IBM). A code execution vulnerability exists in IBM WebSphere Application Server, which can be exploited by an attacker to execute arbitrary code on the system...
Siemens Simcenter Femap Out-of-Bounds Read Vulnerability (CNVD-2024-31240)
Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens. It is used to create, edit and import/reuse mesh-based finite element analysis models of complex products or systems. Siemens Simcenter Femap suffers from an out-of-bounds read vulnerability that can be...
Siemens Teamcenter Visualization and JT2Go Out-of-Bounds Read Vulnerability (CNVD-2024-31244)
Siemens Teamcenter Visualization is software that provides teamwork capabilities for designing 2D and 3D scenarios. Siemens JT2Go is a JT file viewer. An out-of-bounds read vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code i...
CVE-2024-37327
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability...
CVE-2024-37322
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability...
July 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5041026)
July 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5041026 Revised July 30, 2024: Add breaking change information to known issue section. Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NE...
CVE-2024-27709
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component...
Splunk Enterprise Code Execution Vulnerability
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index and analyze the data it generates, including data generated by all IT systems and infrastructure (physical, virtual machines and cloud). A code...
Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-33965)
The electronic document security management system is a system for managing the secure sharing of electronic documents under controllable authorization, using real-time dynamic encryption and decryption protection technology and a real-time rights recovery mechanism, to provide all kinds of electronic documents...
The vulnerability of the `showwaves_filter_frame` component (libavfilter/avf_showwaves.c) in the FFmpeg multimedia library allows an attacker to execute arbitrary code.
The vulnerability of the `showwaves_filter_frame` component in the FFmpeg multimedia library's libavfilter/avf_showwaves.c file is related to improper handling of code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Debian dsa-5725 : znc - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5725 advisory. Debian Security Advisory DSA-5725-1 https://www.debian.org/security/...
CVE-2024-32853
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...
SONY XAV-AX5500 Code Execution Vulnerability
The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. A code execution vulnerability exists in the SONY XAV-AX5500 that stems from a lack of proper validation of software update packages and can be exploited by an attacker to...
Exploit for CVE-2023-6553
CVE-2023-6553 Due to an incorrect include statement in the "...
TP-LINK ER7206 Command Execution Vulnerability
The TP-LINK ER7206 is a multi-function Gigabit router from China P&L TP-LINK. A command execution vulnerability exists in the TP-Link ER7206 Omada Gigabit VPN Router version 1.4.1 Build 20240117, which stems from the presence of residual debugging code that can be exploited by an attacker to caus...
Js2Py Code Execution Vulnerability
Js2Py is a library from the Python Foundation. It is used to convert JavaScript to Python code. A code execution vulnerability exists in Js2Py version 0.74 and earlier, which can be exploited by an attacker to execute arbitrary code via a crafted API call...
Command Execution Vulnerability in RG-UAC Ruijie Unified Internet Behavior Management and Audit System of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-32517)
Beijing StarNet Ruijie Network Technology Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products, storage and so on. A command execution vulnerability exists ...
TOTOLINK A6000R Security Vulnerability
TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a code execution vulnerability that originates from allowing a remote attacker to execute arbitrary code via the iface parameter in the vifenable function. No details of the vulnerability...