PT-2026-42535

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.1 Description Concrete CMS fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field during the process of saving page type composer form layouts. An authenticated...

CVE-2026-25492 Craft has a save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying host

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

EUVD-2020-9056

Malware in sbrugna...

Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217

Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217. Through our investigation, we found that these affect a subset of our products and as of today, we have addressed them in our products as outlined...

Microsoft Windows Raw Image Extensions RCE (July 2023)

The Windows 'Raw Image Extensions' app installed on the remote host is affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has instead relied only...

Microsoft Windows Raw Image Extensions Library Multiple Vulnerabilities (April 2023)

The Windows 'Raw Image Extensions' app installed on the remote host is affected by multiple code execution vulnerabilities: - A remote code execution vulnerability exists in the Microsoft Windows Codecs Library Raw Image. An attacker who successfully exploited the vulnerability could execute...

Microsoft Windows Raw Image Extensions Library RCE (December 2022)

The Windows 'Raw Image Extensions' app installed on the remote host is affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. %NASLMINLEVEL 80900 C Tenable Network Security, Inc. The descriptive text an...

Microsoft Windows Raw Image Extensions Library RCE (September 2022)

The Windows 'Raw Image Extensions' app installed on the remote host is affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. %NASLMINLEVEL 80900 C Tenable Network Security, Inc. The descriptive text an...

Microsoft HEIF Image Extensions Remote Code Execution Vulnerability

Microsoft HEIF Image Extensions is a feature library for Microsoft Windows systems from Microsoft Corporation USA.Microsoft HEIF Image Extensions is vulnerable to remote code execution, which can be exploited by attackers to execute arbitrary code on the system...

CVE-2022-24457

HEIF Image Extensions Remote Code Execution Vulnerability...

CVE-2022-24457

HEIF Image Extensions Remote Code Execution Vulnerability...

Remote code execution

HEIF Image Extensions Remote Code Execution Vulnerability...

CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability

...

CVE-2022-24457

Technical details about CVE-2022-24457 are not publicly provided in the connected documents. No affected versions, exploitation details, or fixes are disclosed here. Monitor for updates from official advisories and vendors.

CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability

...

HEIF Image Extensions Remote Code Execution Vulnerability

...

Microsoft HEIF Image Extensions 缓冲区错误漏洞

Microsoft HEIF Image Extensions is a feature library for Microsoft Windows systems from Microsoft Corporation USA.Microsoft HEIF Image Extensions is vulnerable to remote code execution, which can be exploited by attackers to execute arbitrary code on the system...

Microsoft Windows HEIF Image Extensions RCE (March 2022)

The Windows HEIF Image Extension app installed on the remote host is affected by a remote code execution vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file...

Microsoft Windows Raw Image Extensions Library Multiple Vulnerabilities (March 2022)

The Windows 'Raw Image Extensions' app installed on the remote host is affected by multiple code execution vulnerabilities: - A remote code execution vulnerability exists in the Microsoft Windows Codecs Library Raw Image. An attacker who successfully exploited the vulnerability could execute...

Microsoft Windows Raw Image Extensions Library RCE (December 2021)

The Windows 'Raw Image Extensions' app installed on the remote host is affected by a remote code execution vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc...