Adobe Acrobat Reader Resource Management Error Vulnerability (CNVD-2024-24747)

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Acrobat Reader version 20.005.30539, 23.008.20470 and earlier versions are vulnerable to a resource management error vulnerability that stems from the presence of...

TOTOLINK X5000R mru parameter code execution vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a code execution vulnerability that stems from the parameter mru of cstecgi.cgi failing to properly filter special elements of constructed snippets. An attacker could exploit this vulnerabilit...

GHSA-5VV7-J593-MGJC Neos Flow Arbitrary file upload and XML External Entity processing

It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible information disclosure, placeme...

Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2024-1417 Local Code Injection Vulnerability in AuthPoint Password Manager App for macOS Safari

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue affects AuthPoint...

D-Link DAR-7000-40 Command Execution Vulnerability

The D-Link DAR-7000-40 is an Internet Behavior Audit Gateway from China AUO D-Link. The D-Link DAR-7000-40 suffers from a command execution vulnerability, which is caused by incorrect validation of file extensions in the interface/sysmanage/license authorization.php script. An attacker can exploi...

Siemens Solid Edge Heap Buffer Overflow Vulnerability (CNVD-2024-23110)

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute co...

Command Execution Vulnerability in EG3220 of Beijing StarNet Ruijie Network Technology Co.

Ltd. EG3220 is a new generation of multi-service security gateway. The EG3220 has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2024-23112)

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute cod...

Siemens Teamcenter Visualization and JT2Go Out-of-Bounds Write Vulnerability (CNVD-2024-23524)

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2Go is a JT file viewer. An out-of-bounds write vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code ...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2024-23520)

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute cod...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2024-23519)

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute cod...

CVE-2024-34913

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

CVE-2024-34096 ZDI-CAN-23472: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Fortinet FortiProxy Command Execution Vulnerability (CNVD-2024-26504)

Fortinet FortiProxy is a secure network proxy from Fortinet that protects employees from cyberattacks by combining multiple detection technologies such as Web filtering, DNS filtering, DLP, anti-virus, intrusion prevention, and advanced threat protection.FortiProxy helps reduce bandwidth...

Siemens Parasolid X_T File Out-of-Bounds Read Vulnerability

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds read vulnerability exists in Siemens Parasolid XT files, which can be exploited by an attacker to execute code ...

CVE-2024-30023

Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability...

CVE-2024-30045

CVE-2024-30045 is a .NET/Visual Studio Remote Code Execution vulnerability caused by a stack buffer overrun in the Double Parse routine. It affects .NET 7.0 up to 7.0.18 and .NET 8.0 up to 8.0.4; patched versions are 7.0.19 and 8.0.5 ( Microsoft/MSRC advisory; GHSA entry lists affected packages a...

CVE-2024-34086

A vulnerability has been identified in JT2Go All versions V2312.0001, Teamcenter Visualization V14.1 All versions V14.1.0.13, Teamcenter Visualization V14.2 All versions V14.2.0.10, Teamcenter Visualization V14.3 All versions V14.3.0.7, Teamcenter Visualization V2312 All versions V2312.0001. The...

CVE-2024-25967

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary privileges vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...