1477 matches found
The vulnerability of the Microsoft SharePoint Server software, related to insufficient cleaning of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft SharePoint Server software is related to insufficient cleaning of input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the av_malloc function in the libavutil/mem.c component of the FFmpeg multimedia library, which involves copying buffers without checking the input data, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the av_malloc function in the libavutil/mem.c component of the FFmpeg multimedia library is related to the copying of buffers without checking the input data. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause...
ROS-20240910-01
A vulnerability in the HAProxy server software is related to entering an infinite loop when given certain input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
The vulnerability of the PDF file analysis component in the ClamAV antivirus program allows a hacker to trigger a service failure.
The vulnerability of the PDF file analysis component in the ClamAV antivirus program is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service failures when the user downloads a specially crafted PDF file for analysis...
The vulnerability of the HAProxy server software, related to entering an infinite loop when processing certain input data, allows a hacker to cause a service failure.
The vulnerability of the HAProxy server software is related to entering an infinite loop when certain input data is provided. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
CVE-2024-44809
A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0, maintained by RECANTHA. The issue arises from improper sanitization of user input passed to the "position" GET parameter in the tilt.php script. An attacker can exploit this by sending crafted input data that...
CVE-2024-44809
The CVE-2024-44809 entry corresponds to the Pi Camera project (version 1.0, RECANTHA) with a vulnerability in tilt.php where the position parameter is not properly sanitized. This allows an attacker to craft input that executes arbitrary commands on the server with web server permissions, via rem...
AZL-48412 CVE-2024-8006 affecting package nmap for versions less than 7.95-2
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with...
CVE-2024-43700
xfpt versions prior to 1.01 fail to appropriately handle some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked into processing a specially crafted file, arbitrary code may be executed on the user's environment...
UBUNTU-CVE-2024-43700
xfpt versions prior to 1.01 fail to appropriately handle some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked into processing a specially crafted file, arbitrary code may be executed on the user's environment...
ROS-20240827-17
A vulnerability in the /api/v1/alerts file of Alertmanager, the alert-processing component of the Prometheus monitoring system, is related to incorrect neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240827-06
The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting
Vulnerability in the Active Storage component of the Rub...
The vulnerability of the driver for the common file system of Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the driver for the common file system of Windows operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the intel-sdw-acpi component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the intel-sdw-acpi component of the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project, a project management software, relates to errors in processing input data, allowing an attacker to execute arbitrary code.
The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project management software are related to errors in processing input data. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code, provided that the user opens a...
In Apache Thrift, all versions up to and including 0.12.0, a server or client may run into an endless loop when fed specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.
...
Tenda FH1206 fromqossetting function buffer overflow vulnerability
The Tenda FH1206 is a wireless router from Tenda China. A buffer overflow vulnerability exists in the Tenda FH1206 fromqossetting function, which originates from the failure of the fromqossetting function in the /goform/qossetting page to correctly validate the length of input data, which could b...
ROS-20240814-05
A vulnerability in the "Save As" function of Mozilla Firefox, Firefox ESR and Thunderbird email client on Windows operating systems is related to insufficient input data validation. Exploitatio...