PT-2022-18567 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS affected versions not specified Description: A problematic issue has been found in the SourceCodester Company Website CMS, affecting the processing of the file /dashboard/contact. The manipulation of the pho...

The vulnerability in the implementation of the recovery mode for the software development tools for engineering applications, such as the Drawing SDK, JT, JT2Go, and the Teamcenter Visualization lifecycle management system, allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the recovery mode implementation in the software development tools for engineering applications, such as Drawings SDK, JT, JT2Go, and Teamcenter Visualization’s product lifecycle management system, is related to reading data beyond the buffer in memory during the processing o...

The vulnerability in the implementation of the recovery mode for the software development tools for engineering applications, such as the Drawing SDK, JT, JT2Go, and the Teamcenter Visualization lifecycle management system, allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the recovery mode implementation in the software development tools for engineering applications, such as Drawings SDK, JT, JT2Go, and Teamcenter Visualization’s product lifecycle management system, is related to reading data beyond the buffer in memory during the processing o...

CVE-2022-35873

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

The vulnerability of the Display Key Combination Fast Access swhkd implementation in the Wayland server display protocol is related to deficiencies in the system’s controlled area segmentation. This allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Display Key Combination Fast Access SWHKD in the Wayland display server protocol is related to deficiencies in the system’s controlled area segmentation when processing files with the -c parameter. Exploiting this vulnerability can allow an intruder to gain unauthorized...

Command injection

A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...

CVE-2022-2488

A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlistsync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used...

DEBIAN-CVE-2022-2121

OFFIS DCMTK's All versions prior to 3.6.7 has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition...

The vulnerability of the PJSIP multimedia communication library, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.

The vulnerability of the PJSIP multimedia communication library lies in the execution of a loop with an unavailable exit condition during the processing of WAV/AVI files. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The software’s vulnerability regarding increasing the effective working time of components and equipment, as well as optimizing resource utilization in the SAP 3D Visual Enterprise Viewer, arises from writing data beyond the buffer in memory when processing PSD files. This vulnerability allows attackers to cause the application to crash.

The vulnerability of the software for increasing the effective working time of components and equipment, as well as optimizing resource usage in the SAP 3D Visual Enterprise Viewer, is related to the writing of data beyond the buffer in memory during PSD file processing. Exploiting this...

CVE-2019-1010057

nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffileinline.c:83, minilzo.c redistributed. The attack vector is: nfdump must read and process a specially crafted file...

GHSA-9HG2-395J-83RM Expected Behavior Violation in Apache Tomcat

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

Cross-site scripting - Stored via upload `.xsig` file

Description When user upload a file with .xsig extension and direct access this file, the server response with Content-type: text/html lead to processing XSIG as HTML file. Proof of Concept POST /facturascripts/EditAttachedFile?code=1&action=save-ok HTTP/1.1 Host: localhost User-Agent: Mozilla/5....

CVE-2022-1475

An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729parse in llibavcodec/g729parser.c when processing a specially crafted file...

CVE-2022-1475

An integer overflow vulnerability was found in FFmpeg 5.0.1 and in previous versions in g729parse in llibavcodec/g729parser.c when processing a specially crafted file...

Integer overflow

An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729parse in llibavcodec/g729parser.c when processing a specially crafted file...

The vulnerability of GUI temperature control software lies in the use of memory after deallocation during the processing of configuration files in the *.gd1 format. This allows an attacker to execute arbitrary code.

The vulnerability of GUI temperature control software relates to the use of memory after release, during the processing of configuration files in the .gd1 format. Exploiting this vulnerability allows an attacker to execute arbitrary code...

ROS-20220412-01

Vim text editor vulnerability, related to a boundary error in file processing. Exploitation vulnerability could allow a remote attacker to trick a victim into opening a specially crafted file, causing memory corruption and executing arbitrary code on the target system. a specially crafted file,...

CVE-2022-25959

Omron CX-Position versions 2.5.3 and prior is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code...

PT-2022-5876 · Omron · Omron Cx-Position

Name of the Vulnerable Software and Affected Versions: Omron CX-Position versions 2.5.3 and prior Description: The issue is related to an out-of-bounds write in memory, which can be exploited to execute arbitrary code. This occurs while processing a specific project file. Recommendations: For Omr...