Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CNVD-2022-74593)

A remote code execution vulnerability exists in Microsoft Windows Graphics Components, which originates when a network system or product fails to properly filter external input data during the construction of code segments. elements during the construction of code segments from external input dat...

Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows Remote Desktop Protocol RDP, an application used by Microsoft to connect to remote Windows desktops. The vulnerability stems from the failure of a networked system or product to properly filter special elements of code segments...

Microsoft Windows Remote Procedure Call Runtime Remote Code Execution Vulnerability

Microsoft Windows Remote Procedure Call Runtime is a technology used to create distributed client/server programs from Microsoft Corporation USA.Microsoft Windows Remote Procedure Call Runtime is vulnerable to remote code execution vulnerability. The vulnerability stems from the failure of a...

Microsoft Windows DNS Server Remote Code Execution Vulnerability (CNVD-2022-71975)

Microsoft Windows is an operating system for personal devices, Microsoft Windows Server is a server operating system, and Windows DNS Server is one of the DNS Domain Name System servers. code execution vulnerability in Microsoft Windows DNS Server. The vulnerability stems from the failure of a...

Microsoft Windows Upgrade Assistant Remote Code Execution Vulnerability

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows Upgrade Assistant. The vulnerability stems from improper handling of input data and can be exploited by an attacker to...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to insufficient input data validation, allows a hacker to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures...

Microsoft Azure Site Recovery 输入验证错误漏洞

Microsoft Azure Site Recovery is a site recovery DRaaS from Microsoft Corporation for cloud and hybrid cloud architectures. Microsoft Azure Site Recovery is vulnerable to remote code execution. The vulnerability stems from the failure of a network system or product to properly filter special...

Microsoft Excel 代码注入漏洞

Microsoft Office is a suite of office software products from Microsoft Corporation USA. Microsoft Office Excel is vulnerable to remote code execution. The vulnerability stems from the process of constructing code segments from external input data, where the network system or product fails to...

Microsoft Windows Remote Desktop Protocol 代码注入漏洞

A remote code execution vulnerability exists in Microsoft Windows Remote Desktop Protocol RDP, an application used by Microsoft to connect to remote Windows desktops. The vulnerability stems from the failure of a networked system or product to properly filter special elements of code segments...

Microsoft Windows 输入验证错误漏洞

Microsoft Windows Fax services is a feature component service of Microsoft Corporation USA used to specify fax settings, including how to send, receive, view and print. A remote code execution vulnerability exists in Microsoft Windows Fax Compose Form, which is used to specify fax settings,...

Microsoft Windows SMB Server 输入验证错误漏洞

Microsoft Windows DiskUsage.exe is a remote code execution vulnerability in Microsoft Windows, an operating system used by personal devices. The vulnerability stems from the failure of a network system or product to properly filter special elements in code segments constructed from external input...

PT-2022-3559 · Aethon · Aethon Tug Home Base Server

Name of the Vulnerable Software and Affected Versions: Aethon TUG Home Base Server versions prior to version 24 Description: The issue is related to the lack of input data sanitization in the "Загрузки" component of the TUG Home Base Server, which can lead to a remote attacker conducting a...

PT-2022-3560 · Aethon · Tug Home Base Server

Name of the Vulnerable Software and Affected Versions: Aethon TUG Home Base Server versions prior to version 24 Description: The issue is related to the lack of input data sanitization in the "Reports" component of the TUG Home Base Server, which can allow a remote attacker to conduct a cross-sit...

The vulnerability of the config_input function in the libavfilter/vf_gblur.c component of the multimedia library FFmpeg allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the configinput function in the libavfilter/vfgblur.c file of the FFmpeg multimedia library involves copying buffers without checking the input data. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause...

The vulnerability of the ImageIO component in the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to trigger a service failure.

The vulnerability of the ImageIO component in the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of component 2D of the Oracle GraalVM Enterprise Edition, which allows a hacker to trigger a service failure

The vulnerability of the 2D component of the Oracle GraalVM Enterprise Edition exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the DataTables table processing plugin, related to the lack of protection for website structure, allows attackers to compromise data integrity.

The vulnerability of the DataTables table processing plugin is related to incorrect handling of arrays in the input data. Exploiting this vulnerability allows an attacker to compromise the integrity of the data...

The vulnerability in the do_checksum function of the checksum.c component of the Pcap Tcpreplay editing and reproduction utility allows a hacker to cause a service failure.

The vulnerability of the dochecksum function in the checksum.c component of the Pcap Tcpreplay editing and reproduction utility involves copying buffers without checking the input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions using a specially created...

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain privileged access

Vulnerability of the MySQL Cluster component: General database management system vulnerabilities in MySQL Cluster exist due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain privileged access remotely...

CVE-2021-44124

Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP Server does not have enough input data sanitization when shown data from SD Card, an attacker can navigate through the device's File System over HTTP...