CVE-2021-47719

CVE-2021-47719 affects COMMAX WebViewer ActiveX Control 2.1.4.5. The root cause is a buffer overflow in Commax_WebViewer.ocx triggered by processing excessively long string arrays across multiple functions, enabling potentially arbitrary code execution. Documents consistently describe boundary er...

CVE-2022-4983

The CVE-2022-4983 issue affects TEC-IT TBarCode 11.15, specifically the TBarCode11.ocx ActiveX/OCX control’s INI-based licensing handling. Reported as enabling remote creation of files on the host filesystem, the vulnerability can lead to code execution or persistence within the hosting process c...

EUVD-2017-18870

Malware in sbrugna...

EUVD-2008-1492

Malware in sbrugna...

CVE-2008-20001

activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although t...

CVE-2008-20001

activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although t...

CVE-2011-5292

The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FTP OCX 4.5.0.9 does not restrict access to certain methods, which allows remote attackers to execute arbitrary files via a pathname in the first argument to the 1 Execute or 2 Run method, 3 write to arbitrary files via a pathnam...

CVE-2010-4601

Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files...

CVE-2019-19168

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware

A Windows living-off-the-land binary LOLBin known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. LOLBins are legitimate, native utilities used daily in various computing environments, that cybercriminals use to evade...

IMGTech Zoneplayer ZInsX.ocx ActiveX Control Input Validation Error Vulnerability

IMGTech Zoneplayer is a media player from the Korean company IMGTech.ZInsX.ocx ActiveX Control is one of the controls. An input validation error vulnerability exists in ZInsX.ocx ActiveX Control 2.0.1.3 and earlier versions of IMGTech Zoneplayer. An attacker can exploit this vulnerability to...

CVE-2020-7803

IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution...

Raonwiz Dext5.ocx ActiveX Code Execution Vulnerability

Raonwiz Dext5.ocx ActiveX is a control from Raonwiz Korea for use in the Dext5 Upload file transfer software development kit. A security vulnerability exists in Raonwiz Dext5.ocx ActiveX 5.0.0.116 and earlier versions. A remote attacker can exploit the vulnerability by setting the parameter to...

CVE-2019-19169

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

CVE-2019-19169

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

CVE-2019-19168

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

Code injection

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

Code injection

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

CVE-2019-19168

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution...

CVE-2019-19168

CVE-2019-19168 affects Dext5.ocx ActiveX (version 5.0.0.116 and earlier). The vulnerability allows a remote attacker to download and execute an arbitrary file by setting arguments to the ActiveX method, enabling code execution. Connected sources (Red Hat, CNVD/CVE records, CVE details) corroborat...