Foxit PDF Reader Security Vulnerability
Foxit PDF Reader is a PDF reader from Foxit of China. Foxit PDF Editor is a PDF editor from Foxit of China. A code execution vulnerability exists in Foxit PDF Reader and Foxit PDF Editor, which can be exploited by an attacker to execute arbitrary code on the system...
Command Execution Vulnerability in EG3210 at Riptide Networks Inc.
EG3210 is a new generation multi-service security gateway of RG-EG3200 series, which is a comprehensive gateway device designed for small and medium-sized network outlets. A command execution vulnerability exists in the RG-EG3210, which can be exploited by attackers to execute commands...
CVE-2024-28109 Potential XSLT injection vulnerability when using policy files
veraPDF-library is a PDF/A validation library. Executing policy checks using custom schematron files invokes an XSL transformation that could lead to a remote code execution (RCE) vulnerability. This vulnerability is fixed in 1.24.2...
Command Execution Vulnerability in UFIDA NC
UFIDA Network Technology Co., Ltd. is a company whose business scope includes the technical development, technical consulting and technology transfer of electronic computer software, hardware and external equipment. A command execution vulnerability exists in UFIDA NC, which can be exploited by a...
Tenda FH1205 Security Vulnerability
The Tenda FH1205 is a home wireless router from China's Tenda, geared toward the average home network environment, providing wireless connectivity. The Tenda FH1205 suffers from a stack buffer overflow vulnerability that originates from the cmdinput parameter of the formexeCommand method of the...
CVE-2024-29650
An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components...
Important: Red Hat Security Advisory: postgresql security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...
Command Execution Vulnerability in T+ (CNVD-2024-18952)
T+ is a new Internet business management software. A command execution vulnerability exists in Changjitong T+, which can be exploited by an attacker to execute arbitrary commands...
Command Execution Vulnerability in EG2000UE of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-18958)
EG2000UE is a gateway product. A command execution vulnerability exists in the EG2000UE of Beijing StarNet Ruijie Network Technology Company Limited, which can be exploited by an attacker to execute arbitrary commands...
CVE-2024-26503
Unrestricted File Upload vulnerability in Greek Universities Network Open eClass v.3.15 and earlier allows attackers to run arbitrary code via upload of crafted file to certbadge.php endpoint...
CVE-2024-28424
zenml v0.55.4 was discovered to contain an arbitrary file upload vulnerability in the load function at /materializers/cloudpicklematerializer.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file...
Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-17841)
Electronic Document Security Management System is electronic document security protection software. The system uses driver-layer transparent encryption technology to protect electronic documents through encryption, to prevent internal staff leakage and external personnel to...
Description of the security update for SharePoint Enterprise Server 2016: March 12, 2024 (KB5002559)
Summary: This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
Command Execution Vulnerability in EG3000SE of Beijing StarNet Ruijie Network Technology Co.
EG3000SE is a new generation of high performance integrated gateway. A command execution vulnerability exists in the EG3000SE of Beijing StarNet Ruijie Network Technology Co. Ltd, which can be exploited by an attacker to gain control of the server...
Faronics Deep Freeze Code Issue Vulnerability
Faronics Deep Freeze is a system recovery software developed by Faronics, Inc. A code issue vulnerability exists in Faronics Deep Freeze version 8.30.020.4627 and prior versions, which originates from a malicious code execution that can be performed by renaming a malicious executable file to...
KB5035858: Windows 10 LTS 1507 Security Update (March 2024)
The remote Windows host is missing security update 5035858. It is, therefore, affected by multiple vulnerabilities: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166); Windows USB Hub...
Important: Red Hat Security Advisory: postgresql security update
An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Command Execution Vulnerability in the Client of KingSuperSCADA Operation System of Beijing Asian Control Technology Development Co.
Beijing Asian Control Technology Development Co., Ltd. is a high-tech industrial automation and informatization software platform enterprise founded in 1997. A command execution vulnerability exists in the client side of the KingSuperSCADA operating system of Beijing Asian Control Technology Development Co...
Important: Red Hat Security Advisory: postgresql:12 security update
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
BIT-GHOST-2022-27139
An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authenticated users. The uploadin...