assimp 安全漏洞

assimp is an assimp open source library. It is used to import and export various 3D model formats. A security vulnerability exists in versions prior to assimp 5.4.3 that stems from the presence of a heap-based buffer overflow vulnerability that allows a local attacker to execute arbitrary code by...

Exploit for Code Injection in Mjml Mjml_App

MJML Local Code Execution PoC A Proof-Of-Concept for CVE-2024...

Exploit for Cross-site Scripting in Goanother Another_Redis_Desktop_Manager

Another Redis Desktop Manager PoC A Proof-Of-Concept for CVE-2...

CVE-2024-34660

Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code...

CVE-2024-39816

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write...

CVE-2024-38386

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write...

PT-2024-28681 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions 4.1.0 and prior Description: The issue allows a local attacker to execute arbitrary code in pre-installed apps through an out-of-bounds write. This poses a security risk to affected systems. Recommendations: For OpenHarmo...

DEBIAN-CVE-2024-42851

Buffer Overflow vulnerability in open source exiftags v.1.01 allows a local attacker to execute arbitrary code via the paresetag function...

PT-2024-30184 · Exiftags +1 · Exiftags +1

Name of the Vulnerable Software and Affected Versions: exiftags version 1.01 Description: A Buffer Overflow vulnerability in exiftags allows a local attacker to execute arbitrary code via the paresetag function. This issue enables local code execution. Recommendations: For exiftags version 1.01, ...

CVE-2024-43791

RequestStore provides per-request global storage for Rack. The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not...

UBUNTU-CVE-2024-43791

RequestStore provides per-request global storage for Rack. The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not...

CVE-2024-43791

RequestStore provides per-request global storage for Rack. The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not...

CVE-2024-42679

SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component...

CVE-2024-42678

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component...

PT-2024-30103 · Unknown · Super Easy Enterprise Management System

Name of the Vulnerable Software and Affected Versions: Super easy enterprise management system versions 1.0.0 and earlier Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the "/WebSet/DlgGridSet.html" component. This enables the attacker to perform...

PT-2024-28880 · Martin Kucej · I-Librarian

Name of the Vulnerable Software and Affected Versions: Martin Kucej i-librarian versions 5.11.0 and before Description: The issue allows a local attacker to execute arbitrary code via the search function in the import component. This is a Cross Site Scripting vulnerability. Recommendations: For...

SUSE CVE-2024-7538

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

SUSE CVE-2024-7543

oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

SUSE CVE-2024-7544

oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

SUSE CVE-2024-7546

oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...