CVE-2022-42541

Remote code execution...

PT-2023-9815 · Foxit · Foxit Pdf Editor +1

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Foxit PDF Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the...

Foxit Reader 安全漏洞

Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A code execution vulnerability exists in Foxit Reader prior to version 12.1.3.15356 due to a flaw in the Javascript saveAs API. An attacker could exploit this vulnerability to execute arbitrary code on the system...

The vulnerability of the sub_4CCE4 function in ASUS RT-AX57 Wi-Fi router’s microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the sub4CCE4 function in ASUS’ Wi-Fi router software ASUS RT-AX57 exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by using a specially crafted request to the ifname field...

CVE-2023-6157

CVE-2023-6157 affects Checkmk and is due to improper neutralization of livestatus command delimiters in the ajax_search function. Affected versions include Checkmk <= 2.0.0p39, < 2.1.0p37, and

TOTOLINK A3700R Code Execution Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A code execution vulnerability exists in the TOTOLINK A3700R v9.1.2u.6134B20201202 version, which can be exploited by an attacker to execute arbitrary code on the system...

Adobe Media Encoder Out-of-Bounds Read Vulnerability (CNVD-2023-88664)

Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Media Encoder version 24.0.2 and earlier and version 23.6 and earlier, which can be exploited by an attacker to execute code in the context o...

CVE-2023-22273 ZDI-CAN-21307: Adobe RoboHelp Server OnPublishFile Directory Traversal Remote Code Execution Vulnerability

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction...

Microsoft SharePoint 安全漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A code execution...

CVE-2023-46026

Cross Site Scripting XSS vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters...

CVE-2023-0898 Uncontrolled Search Path Element in GE MiCOM S1 Agile

General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application...

Fedora 39 : libspf2 (2023-b317dd9220)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b317dd9220 advisory. Patch CVE-2023-42118, plus some other fixes. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

CVE-2023-29043

CVE-2023-29043 describes a vulnerability where presentations may contain references to images that are user-controlled, allowing script code to be processed during document editing. The encoding of the relevant attribute is intended to avoid script execution. Concrete details from connected docs ...

TOTOLINK X6000R setTracerouteCfg function code execution vulnerability

TOTOLINK X6000R is a wireless router from China Gion Electronics that supports WiFi 6 technology with high concurrent connections and dual-band transmission. A code execution vulnerability exists in TOTOLINK X6000R. The vulnerability stems from the application failing to properly filter special...

Google Android Code Execution Vulnerability (CNVD-2023-96686)

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android, which can be exploited by an attacker to execute arbitrary code on the system...

USN-6453-2 xorg-server vulnerabilities

USN-6453-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. ...

CVE-2023-46409

TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a command execution vulnerability via the sub 41CC04 function...

TOTOLINK X6000R Command Injection Vulnerability

The TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X6000R v9.4.0cu.652B20230116 version that stems from a command execution vulnerability in the method in the sub415258 location...

CVE-2023-46411

TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a command execution vulnerability via the sub415258 function...

CVE-2023-5727

The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...