CAJViewer has a binary vulnerability (CNVD-2021-41047)

CAJviewer is a specialized full-text format reader for China Journal Network CJN, which supports TEB, NH, CAJ, KDH and PDF files of CJN. A binary vulnerability exists in CAJViewer, which can be exploited by attackers to execute malicious code on a user's system...

Memory Corruption Vulnerability in Lovecraft Universal Link (CNVD-2021-40252)

Lovecraft Universal Link is a universal video and audio player from Lovecraft. A memory corruption vulnerability exists in Aqiyi Universal Media Player. An attacker can exploit the vulnerability to execute malicious code or crash the program...

Memory Corruption Vulnerability in Lovecraft Universal Link (CNVD-2021-40251)

Lovecraft Universal Link is a universal video and audio player from Lovecraft. A memory corruption vulnerability exists in Aqiyi Universal Media Player. An attacker can exploit the vulnerability to execute malicious code or crash the program...

Remote code execution vulnerability in WeChat windows version

WeChat for windows is a cross-platform communication tool. A remote code execution vulnerability exists in WeChat for windows, which can be exploited by attackers to execute malicious code...

Secomea GateManager Cross-Site Request Forgery Vulnerability

GateManager is a VPN server from Secomea. A cross-site request forgery vulnerability exists in the web GUI of Secomea GateManager versions prior to 9.4. An attacker can exploit this vulnerability to execute malicious code...

CVE-2020-29030

Cross-Site Request Forgery CSRF vulnerability in web GUI of Secomea GateManager allows an attacker to execute malicious code. This issue affects: Secomea GateManager All versions prior to 9.4...

Wuhan Douyu Fish Music Network Technology Co., Ltd Douyu Live Companion suffers from dll hijacking vulnerability (CNVD-2021-21511)

Douyu Live Companion is a live streaming software specially developed for the anchors of Douyu. Wuhan Douyu Fish Music Network Technology Co. Douyu Live Companion has a dll hijacking vulnerability, which can be exploited by attackers to execute malicious code and obtain server privileges...

Arbitrary Code Execution

grub2 is vulnerable to arbitrary code execution. An attacker could bypass the Secure Boot mechanism via triggering a memory corruption which allows for malicious code execution...

Directory Traversal

salt is vulnerable to directory traversal. The salt.wheel.pillarroots.write method allows for directory traversal and can potentially lead to malicious code execution...

Remote Code Execution

gramaddict is vulnerable to remote code execution. The usage of UIAutomator2 and ATX-Agent allows an attacker to reach TCP port 7912, subsequently allowing to trigger malicious code execution, e.g., by being on the same Wi-Fi network...

OTRS AG Survey 跨站脚本漏洞

OTRS AG Survey is a Perl-based customer survey appliance from OTRS Germany. The tool is intended for use in sending e-mails to customers after a ticket has been closed. A cross-site scripting vulnerability exists in OTRS AG Survey that can be exploited by an attacker to execute malicious code in...

CentOS 8 : qt5-qtbase and qt5-qtwebsockets (CESA-2020:4690)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4690 advisory. - qt: XML entity expansion vulnerability CVE-2015-9541 - qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages...

Himalaya (Windows client) suffers from a dll hijacking vulnerability (CNVD-2021-10376)

Himalaya is a professional audio sharing platform. A dll hijacking vulnerability exists in Himalaya Windows client, which can be exploited by attackers to execute arbitrary malicious code via the client...

Lumia Gaming Accelerator has a dll hijacking vulnerability

LuMaster Gaming Accelerator is an official game gas pedal software from LuMaster. There is a dll hijacking vulnerability in LuMaster Gaming Accelerator. Attackers can use this vulnerability to execute malicious code...

LuMaster Game Inventory in dll Hijacking Vulnerability

LuMaster Game Library is a game application library software officially launched by LuMaster. LU Master Game Library is vulnerable to dll hijacking. An attacker can exploit this vulnerability to execute malicious code...

Ali Want Want windows new version suffers from dll hijacking vulnerability (CNVD-2021-12703)

Aliwangwang is a personal transaction communication software customized for Taobao, which facilitates real-time communication between buyers and sellers in the transaction process. A dll hijacking vulnerability exists in the new version of Ali Want Want for Windows. Attackers can use the...

Ali Want Want windows new version suffers from dll hijacking vulnerability (CNVD-2021-12702)

Aliwangwang is a personal transaction communication software customized for Taobao, which facilitates real-time communication between buyers and sellers in the transaction process. A dll hijacking vulnerability exists in the new version of Ali Want Want for Windows. Attackers can use the...

Ali Want Want windows new version suffers from dll hijacking vulnerability (CNVD-2021-12701)

Aliwangwang is a personal transaction communication software customized for Taobao, which facilitates real-time communication between buyers and sellers in the transaction process. A dll hijacking vulnerability exists in the new version of Ali Want Want for Windows. Attackers can use the...

M&M Fdtcontainer Code Issue Vulnerability

M&M Fdtcontainer is a plug-and-play FDT framework application that can be customized to meet the needs of customers by China Meiming M&M. A code issue vulnerability exists in M&M fdtCONTAINER component Version 3, which can be exploited by an attacker to load a manipulated project file and malicio...

Hi-Format Recording Master is vulnerable to dll hijacking.

Hi Format Screen Recording Master is a screen recording software. Hi Format Screen Recorder client has a dll hijacking vulnerability that can be exploited by attackers to execute malicious code...