The vulnerability of Adobe Illustrator, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Illustrator graphic editor is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Microsoft Office Remote Code Execution Vulnerability

Microsoft Office is an office software suite product from Microsoft Corporation USA. Microsoft Office has a remote code execution vulnerability, which originates from the process of constructing code segments from external input data, the network system or product fails to properly filter the...

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft ODBC Driver is a driver from Microsoft Corporation USA. A remote code execution vulnerability exists in the Microsoft Windows ODBC Driver, which stems from the failure of a network system or product to properly filter special elements of the external input data during the construction o...

Microsoft Windows CD-ROM File System Driver Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the Windows CD-ROM File System Driver, which stems from the failure of a network system or product to properly filter special elements in the external input data used to construct code segments. The vulnerability can be exploited by an attacker to...

The vulnerability of the implementation of IEC 104 industrial protocols in the software environment for controlling and managing equipment in Hitachi Energy’s MicroSCADA X SYS600 system allows a intruder to carry out maintenance-related malfunctions.

The vulnerability of the implementation of IEC 104 industrial protocols in the Hitachi Energy MicroSCADA X SYS600 system management and control software exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to perform maintenance action...

Microsoft Windows CD-ROM Driver 安全漏洞

A remote code execution vulnerability exists in the Windows CD-ROM File System Driver, which stems from the failure of a network system or product to properly filter special elements in the external input data used to construct code segments. The vulnerability can be exploited by an attacker to...

TOTOLINK NR1800X setIpPortFilterRules method buffer overflow vulnerability

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK. designed to provide fast and easy deployment of NR fixed data services in homes and offices. A buffer overflow vulnerability exists in TOTOLINK NR1800X version V9.1.0u.6279B20210910, which stems from a lack o...

ASUS RT-AX56U Buffer Overflow Vulnerability

ASUS RT-AX56U is a wireless router from ASUS, China.ASUS RT-AX56U Router firmware version 3.0.0.4.386.44266 has a buffer overflow vulnerability, which stems from the strcat function's lack of length checks for user input data, which can be exploited by attackers to remotely execute commands...

EulerOS 2.0 SP5 : python-lxml (EulerOS-SA-2022-2447)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together wi...

WordPress plugin Zephyr Project Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Zephyr Project Manager version 3.2.55 previously had a cross-site scripting vulnerability that...

The vulnerability of the Dynamic Method Invocation (DMI) mechanism implemented in the Apache Struts software framework allows attackers to execute arbitrary code.

The vulnerability of the Dynamic Method Invocation DMI mechanism in the Apache Struts software framework lies in the lack of measures taken to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Tenda AC15 and AC18 setSchedWifi Heap Overflow Vulnerability

Tenda AC15 and Tenda AC18 are both products of Tenda, a Chinese company.Tenda AC15 is a wireless router.Tenda AC18 is a router. A heap overflow vulnerability exists in Tenda AC15 and AC18Version 15.03.05.19, which stems from the setSchedWifi method not performing a size check on incoming data whe...

CVE-2022-32226

An improper access control vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be...

Tenda AC21 setSmartPowerManagement Function Buffer Overflow Vulnerability

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which originates from a lack of length checking of input data in the setSmartPowerManagement function of /bin/httpd, which can be exploited to cause httpd...

Tenda AC21 saveParentControlInfo function buffer overflow vulnerability

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which originates from the lack of length checking of input data in the saveParentControlInfo function of /bin/httpd, and can be exploited to cause httpd t...

Tenda AC21 fromSetWifiGusetBasic function buffer overflow vulnerability

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which stems from the lack of length checking of input data in the fromSetWifiGusetBasic function of /bin/httpd, which can be exploited to cause httpd to...

The vulnerability of the Mozilla Firefox browser for Windows, related to errors in processing input data, allows a hacker to execute arbitrary code.

The vulnerability of the Mozilla Firefox browser for Windows is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2022-4787 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The vulnerability is related to errors in handling input data in the implementation of the TCP/IP protocol in Windows operating systems. This issue allows a remote attacker to execute...

CVE-2022-38400

Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a use of the product to access a specially crafted URL...