174 matches found
Omron CX-Programmer Buffer Error Vulnerability
Omron CX-Programmer is PLC (Programmable Logic Controller) programming software from Omron of Japan. A buffer error vulnerability exists in Omron CX-Programmer version 9.78 and earlier; it stems from an out-of-bounds write, which could allow an attacker to execute arbitrary code...
CVE-2022-34634
CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather than creating an exception...
NeoRS Access Control Error Vulnerability
Douzone Bizon NeoRS is a remote support service from Douzone Bizon in Korea. A remote PC can be accessed and controlled from anywhere, at any time, through a remote support site. A security vulnerability exists in NeoRS versions prior to 2021.3.10.1, which stems from an origin authentication error...
CVE-2022-29095
Dell SupportAssist Client Consumer versions 3.10.4 and prior and Dell SupportAssist Client Commercial versions 3.1.1 and prior contain a cross-site scripting vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability under specific conditions leading to...
Hardcoded credentials
UNSUPPORTED WHEN ASSIGNED: D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php...
CVE-2022-27262
An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-24927
Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission...
Mageia: Security Advisory (MGASA-2018-0395)
The remote host is missing an update for the...
Samsung SMR Security Vulnerability
Samsung Knox Guard is a security solution based on the open-source Android platform from South Korea's Samsung, which can comprehensively enhance security through a combination of physical means and software systems, and is perfectly compatible with the Android and Google ecosystems,...
Cross-site Scripting (XSS) - Stored in admidio/admidio
Description: I can create links using the Web links feature. However, since the input value is not URL-encoded, the onfocus and autofocus properties can be used by escaping the properties of the "A" tag using double quotation marks ("). Proof of Concept: txt...
VideoOffice Arbitrary File Download and Execution Vulnerability
VideoOffice is Internet video conferencing software. VideoOffice suffers from an arbitrary file download and execution vulnerability that stems from a lack of support for integrity checking. No detailed vulnerability details are available at this time...
CVE-2020-7878
An arbitrary file download and execution vulnerability was found in VideoOffice X2.9 and earlier versions (CVE-2020-7878). This issue is due to missing support for integrity checking...
CVE-2020-29176
An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers to execute arbitrary code via a crafted JPG file...
CVE-2021-33035
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the...
CVE-2021-26608
An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash...
CVE-2021-26608
The provided records describe CVE-2021-26608 as an arbitrary file download and execution vulnerability in Handysoft Co., Ltd groupware ActiveX module, specifically the HShell.dll. Root cause: lack of integrity checking for the download URL or the downloaded file hash. Impact stated as allows arbi...
PT-2021-17075 · Handysoft Co. · Handysoft Co.
Name of the Vulnerable Software and Affected Versions: handysoft Co., Ltd groupware (affected versions not specified). Description: The issue is related to an arbitrary file download and execution vulnerability found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This vulnerabilit...
CVE-2021-32590
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL...
CVE-2020-21996
AVE DOMINAplus =1.10.x suffers from an unauthenticated reboot command execution. Attackers can exploit this issue to cause a denial of service scenario...
Microsoft Visual Studio Code Execution Vulnerability (CNVD-2021-29880)
Microsoft Visual Studio Code is an open source code editor from Microsoft of the USA. A code execution vulnerability exists in Microsoft Visual Studio, which can be exploited by an attacker to execute arbitrary code on a system with the privileges of the victim...