UBUNTU-CVE-2020-24742

An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2021-2284)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.CVE-2021-27097 - The boot loader in Das U-Boot before 2021.04-rc...

See Ya Sharp: A Loaders Tale | McAfee Blogs

ARCHIVED STORY See Ya Sharp: A Loader’s Tale Max Kersten · Aug 04, 2021 Introduction The DotNet based CyaX-Sharp loader, also known as ReZer0, is known to spread commodity malware, such as AgentTesla. In recent years, this loader has been referenced numerous times, as it was used in campaigns...

See Ya Sharp: A Loaders Tale | McAfee Blogs

ARCHIVED STORY See Ya Sharp: A Loader’s Tale Max Kersten · Aug 04, 2021 Introduction The DotNet based CyaX-Sharp loader, also known as ReZer0, is known to spread commodity malware, such as AgentTesla. In recent years, this loader has been referenced numerous times, as it was used in campaigns...

CVE-2021-37403

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet user-generated content when a sharing link is created and an App Loader relative URL is used...

CVE-2021-37403

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet user-generated content when a sharing link is created and an App Loader relative URL is used...

Cross site scripting

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet user-generated content when a sharing link is created and an App Loader relative URL is used...

CVE-2021-37403

OX App Suite vulnerable to XSS via a code snippet in user-generated content when a sharing link is created and an App Loader relative URL is used. Affected versions: before 7.10.3-rev32 and before 7.10.4-rev18. The vulnerability stems from how the App Loader relative URL handles shared links. Rem...

Open-xchange OX App Suite 跨站脚本漏洞

Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to more intuitively manage email, tasks, files, and more. A cross-site scripting vulnerability exists in OX App Suite, which stems from an XSS vulnerability...

RHEL 8 : shim and fwupd (RHSA-2021:2790)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2790 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

CVE-2021-34333

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in double free of an allocated...

CVE-2021-34317

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCX files. This could result in an out of bounds write past the fixed-length...

CVE-2021-34318

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCT files. This could result in an out of bounds write past the end of an...

CVE-2021-34322

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The JPEG2KLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an...

CVE-2021-34315

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds read past the end of an...

CVE-2021-34314

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an...

CVE-2021-34305

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Gifloader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an...

CVE-2021-34303

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The TiffLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an...

CVE-2021-34307

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The TiffLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an...

CVE-2021-34304

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The TiffLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an...