4202 matches found
CVE-2024-32350
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary...
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
...
CVE-2024-33007 Client-side script execution vulnerability in SAP UI5 (PDFViewer)
PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. If a PDF document contains embedded JavaScript or any harmful client-side script, the PDFViewer will execute the JavaScript embedded in the PDF which can cause a potential securi...
TOTOLINK X5000R Security Vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A code execution vulnerability exists in the TOTOLINK X5000R mtu parameter, which stems from the mtu parameter of cstecgi.cgi failing to properly filter special elements of the constructed snippet. An attacker could exploit...
TOTOLINK X5000R Security Vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a code execution vulnerability that stems from the ipsecPsk parameter of cstecgi.cgi failing to properly filter the special elements of constructed snippets. An attacker could exploit this...
PT-2024-12025 · Sourcecodester · Sourcecodester Customer Relationship Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Customer Relationship Management System version 1.0 Description: The issue allows an attacker to execute arbitrary code. This can be achieved via the company or query parameters in a Cross Site Scripting vulnerability, o...
Command Execution Vulnerability in Yisetong Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-24396)
Yisetong Electronic Document Security Management System is a security sharing management system for electronic documents with controllable authorization, using real-time dynamic encryption and decryption protection technology and a real-time rights recovery mechanism to provide all kinds of electronic...
CVE-2024-3759
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free...
Command Execution Vulnerability in NBR6210-E of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-24564)
NBR6210-E is a router product of Beijing StarNet Ruijie Network Technology Co. A command execution vulnerability exists in the NBR6210-E of Beijing StarNet Ruijie Network Technology Co. Ltd. that can be exploited by an attacker to gain control of a server...
CVE-2023-51606 Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-51584 Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability
Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is required to exploit this vulnerability in...
CVE-2023-39485 PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2023-27341 PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
NETGEAR Routers Security Vulnerability
NETGEAR Routers is a series of routers from NETGEAR. A code execution vulnerability exists in NETGEAR Routers that can be exploited by an attacker to execute arbitrary code...
CVE-2023-23022
Cross-site scripting (XSS) vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0 allows attackers to execute arbitrary code via the code, title, fromdate and todate inputs in file Main.php...
Command Execution Vulnerability in UFIDA NC at UFIDA Network Technology Co.
UFIDA NC is a large ERP enterprise management system and e-commerce platform. A command execution vulnerability exists in UFIDA NC, which can be exploited by attackers to execute commands...
CVE-2024-33904
In plugins/HookSystem.cpp in Hyprland through 0.39.1 before 28c8561, through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file...
Google Chrome Code Execution Vulnerability (CNVD-2024-38582)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by type confusion in ANGLE. An attacker can exploit this vulnerability to execute arbitrary code on the system...
CVE-2024-32766 QTS, QuTS hero, QuTScloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...
Tenda W15E Security Vulnerability
W15E is a wireless router from Shenzhen Jixiang Tengda Technology Co. Ltd. A buffer overflow vulnerability exists in W15E version 15.11.0.14. The vulnerability stems from the formSetRemoteWebManage method of the /goform/SetRemoteWebManage file, where the remoteIP parameter fails to correctly validate the length o...