
60 matches found

Tenable Nessus
added 2019/09/24 12:0 a.m. | 34 views

EulerOS 2.0 SP3 : perl (EulerOS-SA-2019-2035)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial o...

7.8 CVSS | 7.8 AI score | 0.1399 EPSS
Exploits: 1 | References: 3

PyPA
added 2018/12/21 11:29 p.m. | 4 views

PYSEC-2018-82

There is a vulnerability in load method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution...

9.8 CVSS | 7.7 AI score | 0.0353 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Prion
added 2018/12/21 11:29 p.m. | 10 views

Design/Logic Flaw

There is a vulnerability in load method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution...

7.5 CVSS | 9.9 AI score | 0.0353 EPSS
Exploits: 1 | References: 1

OSV
added 2018/12/21 11:29 p.m. | 8 views

PYSEC-2018-82

There is a vulnerability in load method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution...

9.8 CVSS | 6.1 AI score | 0.0353 EPSS
Exploits: 1 | References: 2

Cvelist
added 2018/12/21 10:0 p.m. | 20 views

CVE-2018-20325

There is a vulnerability in load method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution...

10 AI score | 0.0353 EPSS
Exploits: 1 | References: 1

CVE
added 2018/12/21 10:0 p.m. | 72 views

CVE-2018-20325

CVE-2018-20325 affects the Danijar Hafner definitions package for Python. The vulnerability resides in the load() method of definitions/parser.py, allowing execution of arbitrary Python commands and resulting in command execution. The available documents identify the vulnerable component and the ...

9.8 CVSS | 9.9 AI score | 0.0353 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2018/11/07 2:29 p.m. | 19 views

Remote code execution

Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation...

7.5 CVSS | 9.7 AI score | 0.6434 EPSS
Exploits: 5 | References: 2 | Affected Software: 1

Tenable Nessus
added 2017/06/21 12:0 a.m. | 33 views

Flash Player < 26.0.0.126 Multiple RCE (APSB17-17)

Binary data 700144.prm...

10 CVSS | 9.9 AI score | 0.69989 EPSS
Exploits: 3 | References: 10

Debian CVE
added 2016/08/02 2:0 p.m. | 23 views

CVE-2016-6185

The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...

7.8 CVSS | 7.7 AI score | 0.00245 EPSS
Exploits: 1

Zero Day Initiative
added 2013/05/29 12:0 a.m. | 30 views

IBM SPSS Chart2D olch2x32.ocx ActiveX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the olch2x32.ocx Active...

7.5 CVSS | 6.6 AI score | 0.05836 EPSS
Exploits: 0 | References: 1

RedHat Linux
added 2013/02/04 11:50 p.m. | 1 views

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

5 CVSS | 7.3 AI score | 0.00288 EPSS
Exploits: 0 | References: 5

CVE
added 2009/07/07 11:0 p.m. | 108 views

CVE-2008-0020

Technical details about CVE-2008-0020 are not publicly available in the provided connected documents. Monitor for updates as new information becomes public.

9.3 CVSS | 7.4 AI score | 0.5099 EPSS
Exploits: 0 | References: 8 | Affected Software: 2

NVD
added 2007/09/14 1:17 a.m. | 17 views

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

5.8 CVSS | 6.6 AI score | 0.26844 EPSS
Exploits: 0 | References: 5

Cvelist
added 2007/09/14 1:0 a.m. | 21 views

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

6.6 AI score | 0.26844 EPSS
Exploits: 0 | References: 5

NVD
added 2003/05/12 4:0 a.m. | 20 views

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load method, a different vulnerability than CVE-2003-0115...

7.5 CVSS | 8 AI score | 0.13253 EPSS
Exploits: 0 | References: 4

Cvelist
added 2003/05/02 4:0 a.m. | 27 views

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load method, a different vulnerability than CVE-2003-0115...

8.1 AI score | 0.13253 EPSS
Exploits: 0 | References: 4

NVD
added 2002/12/18 5:0 a.m. | 13 views

CVE-2002-1338

The Load method in the Chart component of Office Web Components OWC 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files...

5 CVSS | 6.5 AI score | 0.18445 EPSS
Exploits: 1 | References: 5

Cvelist
added 2002/11/14 5:0 a.m. | 24 views

CVE-2002-1293

The Microsoft Java implementation, as used in Internet Explorer, provides a public load0 method for the CabCracker class com.ms.vm.loader.CabCracker, which allows remote attackers to bypass the security checks that are performed by the load method...

6.7 AI score | 0.02518 EPSS
Exploits: 0 | References: 4

CERT
added 2002/09/24 12:0 a.m. | 14 views

Microsoft Office Web Components allows arbitrary user to determine whether local file exists via Chart component "Load" method

Overview Microsoft Office Web Components OWC allows a malicious script on a web page to learn if a file exists on the client's filesystem. Description OWC allows viewing of Microsoft Office documents such as spreadsheets and charts to be viewed within an HTML document in Microsoft Internet Explor...

6.1 AI score
Exploits: 0 | References: 2

Redos
added 1976/01/01 12:0 a.m. | 5 views

ROS-2-1984

2.1984 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability...

10 CVSS | 9.9 AI score | 0.13704 EPSS
Exploits: 0