CVE-2023-51123

An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgimain function of the cgibin binary component...

SUSE CVE-2023-35961

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...

DEBIAN-CVE-2023-35961

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...

DEBIAN-CVE-2023-35960

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...

Command injection

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...

CVE-2023-35960

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...

UBUNTU-CVE-2023-35960

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...

CVE-2023-35961

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...

PT-2024-12533 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

CVE-2024-22087

route in main.c in Pico HTTP Server in C through f3b69a6 has an sprintf stack-based buffer overflow via a long URI, leading to remote code execution...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security bypass vulnerability, which is caused by a vulnerability in API privilege validation in the DownloadProviderMain...

The vulnerability in the main() function of the csteccgi.cgi script (/cgi-bin/cstecgi.cgi?action=login) of the TOTOLINK A7100RU router software allows a perpetrator to execute arbitrary commands.

The vulnerability of the main function in the csteccgi.cgi script /cgi-bin/cstecgi.cgi?action=login of the TOTOLINK A7100RU router software is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

NewStart CGSL MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0057)

The remote NewStart CGSL host, running version MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770...

NewStart CGSL MAIN 6.06 : bind Multiple Vulnerabilities (NS-SA-2023-0094)

The remote NewStart CGSL host, running version MAIN 6.06, has bind packages installed that are affected by multiple vulnerabilities: - By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter...

NewStart CGSL MAIN 6.06 : libgcrypt Vulnerability (NS-SA-2023-0085)

The remote NewStart CGSL host, running version MAIN 6.06, has libgcrypt packages installed that are affected by a vulnerability: - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous...

NewStart CGSL MAIN 5.04 : expat Vulnerability (NS-SA-2023-0070)

The remote NewStart CGSL host, running version MAIN 5.04, has expat packages installed that are affected by a vulnerability: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has instead relied...

NewStart CGSL MAIN 6.06 : kernel Multiple Vulnerabilities (NS-SA-2023-0083)

The remote NewStart CGSL host, running version MAIN 6.06, has kernel packages installed that are affected by multiple vulnerabilities: - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0059)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of...

NewStart CGSL MAIN 6.06 : aide Vulnerability (NS-SA-2023-0093)

The remote NewStart CGSL host, running version MAIN 6.06, has aide packages installed that are affected by a vulnerability: - AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer...

NewStart CGSL MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2023-0102)

The remote NewStart CGSL host, running version MAIN 5.04, has krb5 packages installed that are affected by multiple vulnerabilities: - The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c via a FAST inne...