dokuwiki-autodoc (>=0.0.8 <=1.6.2), ocx-common (>=1.2.5 <=2.7.0) +2 more potentially affected by CVE-2019-25338 via dokuwiki (=1.3.3)

dokuwiki PYPI version =1.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on dokuwiki and may be impacted: - dokuwiki-autodoc =0.0.8, =1.2.5, =2.7.0 - ocx-reader =0.1.0 - ocx-schema-parser =2.0.1 Source cves: CVE-2019-25338 Source advisory:...

CVE-2021-47719

CVE-2021-47719 affects COMMAX WebViewer ActiveX Control 2.1.4.5. The root cause is a buffer overflow in Commax_WebViewer.ocx triggered by processing excessively long string arrays across multiple functions, enabling potentially arbitrary code execution. Documents consistently describe boundary er...

CVE-2022-4983

The CVE-2022-4983 issue affects TEC-IT TBarCode 11.15, specifically the TBarCode11.ocx ActiveX/OCX control’s INI-based licensing handling. Reported as enabling remote creation of files on the host filesystem, the vulnerability can lead to code execution or persistence within the hosting process c...

EUVD-2017-18870

Malware in sbrugna...

EUVD-2008-1492

Malware in sbrugna...

CVE-2008-20001

activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although t...

CVE-2008-20001

activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although t...

CVE-2011-5292

The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FTP OCX 4.5.0.9 does not restrict access to certain methods, which allows remote attackers to execute arbitrary files via a pathname in the first argument to the 1 Execute or 2 Run method, 3 write to arbitrary files via a pathnam...

CVE-2010-4601

Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files...

CVE-2019-19168

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

The vulnerability of the thunderx_ocx_com_threaded_isr() function in the drivers/edac/thunderx_edac.c driver of the EDAC (Error Detection and Correction) kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the thunderxocxcomthreadedisr function in the drivers/edac/thunderxedac.c driver of the EDAC Error Detection and Correction kernel of the Linux operating system is related to memory writing beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to...

Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware

A Windows living-off-the-land binary LOLBin known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. LOLBins are legitimate, native utilities used daily in various computing environments, that cybercriminals use to evade...

IMGTech Zoneplayer ZInsX.ocx ActiveX Control Input Validation Error Vulnerability

IMGTech Zoneplayer is a media player from the Korean company IMGTech.ZInsX.ocx ActiveX Control is one of the controls. An input validation error vulnerability exists in ZInsX.ocx ActiveX Control 2.0.1.3 and earlier versions of IMGTech Zoneplayer. An attacker can exploit this vulnerability to...

CVE-2020-7803

IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution...

Raonwiz Dext5.ocx ActiveX Code Execution Vulnerability

Raonwiz Dext5.ocx ActiveX is a control from Raonwiz Korea for use in the Dext5 Upload file transfer software development kit. A security vulnerability exists in Raonwiz Dext5.ocx ActiveX 5.0.0.116 and earlier versions. A remote attacker can exploit the vulnerability by setting the parameter to...

CVE-2019-19169

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

CVE-2019-19169

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

CVE-2019-19168

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

Code injection

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

Code injection

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...