
17 matches found

CNNVD
added 2026/05/12 12:00 a.m. · 3 views

NanaZip security vulnerability

NanaZip is open-source compression software from M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the Open method in the littlefs file system image resolver, which directly read the BlockCount value controlled by...

5.5 CVSS · 5.8 AI score · 0.00014 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2026/05/05 12:00 a.m. · 5 views

PT-2026-38895

Summary: Submodule name validation bypass plus missing validation in production code paths allows path traversal via crafted .gitmodules. Combined with a trust inheritance flaw in Submodule::open, this enables reading arbitrary git repository configs including credentials from traversed paths with...

7.5 CVSS · 6 AI score
Exploits: 0 · References: 3
AstraLinux
added 2026/05/03 11:59 p.m. · 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port. When enabling a pass-through port an interrupt might come before psmouse driver binds to the pass-through port. However synaptics sub-driver tries to access psmouse...

4.7 CVSS · 6.3 AI score · 0.00013 EPSS
Exploits: 0 · References: 2
RedHat Linux
added 2025/11/11 9:13 a.m. · 1 views

kernel: Input: synaptics - fix crash when enabling pass-through port

In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port. When enabling a pass-through port an interrupt might come before psmouse driver binds to the pass-through port. However synaptics sub-driver tries to access psmouse...

4.7 CVSS · 6.7 AI score · 0.00013 EPSS
Exploits: 0 · References: 5
SUSE CVE
added 2024/07/17 4:19 a.m. · 1 views

SUSE CVE-2022-48811

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open(). If __ibmvnic_open() encounters an error such as when setting link state, it calls release_resources() which frees the napi structures needlessly. Instead, have __ibmvnic_open() only clean up the work...

5.5 CVSS · 7.7 AI score · 0.00028 EPSS
Exploits: 0 · References: 13
Gentoo Linux
added 2020/06/13 12:00 a.m. · 54 views

Nokogiri: Command injection

Background: Nokogiri is an HTML, XML, SAX, and Reader parser. Description: A command injection vulnerability in Nokogiri allows commands to be executed in a subprocess by Ruby’s Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizer#load_file is being...

9.8 CVSS · 10 AI score · 0.09316 EPSS
Exploits: 0
Silent Robot Systems
added 2015/04/14 4:00 a.m. · 16 views

Simple Ruby Exec with Open and Pipe

I was researching something else and thought this was a cool way to execute a command through the open method in Ruby:
    open("|CMD")
The key is starting the open with pipe. For example,
    open("|ls")
Or to exec and print the result in one line:
    open("|ls").each { |out| puts out }...

7.3 AI score
Exploits: 0
Silent Robot Systems
added 2015/04/14 4:00 a.m. · 8 views

Simple Ruby Exec with Open and Pipe

I was researching something else and thought this was a cool way to execute a command through the open method in Ruby:
    open("|CMD")
The key is starting the open with pipe. For example,
    open("|ls")
Or to exec and print the result in one line:
    open("|ls").each { |out| puts out }...

7.3 AI score
Exploits: 0
Zero Day Initiative
added 2015/03/12 12:00 a.m. · 23 views

Hewlett-Packard POS Keyboard OPOS Drivers OPOSPOSKeyboard.ocx Open Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Keyboard OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

6.8 CVSS · 6.9 AI score · 0.30081 EPSS
Exploits: 0 · References: 1
NVD
added 2014/12/13 12:59 a.m. · 8 views

CVE-2014-8269

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method...

7.5 CVSS · 7.6 AI score · 0.17062 EPSS
Exploits: 0 · References: 3
Prion
added 2014/12/13 12:59 a.m. · 7 views

Stack overflow

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method...

7.5 CVSS · 8.3 AI score · 0.17062 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2014/12/13 12:00 a.m. · 16 views

CVE-2014-8269

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method...

7.6 AI score · 0.17062 EPSS
Exploits: 0 · References: 3
Prion
added 2011/09/02 4:55 p.m. · 21 views

Buffer overflow

Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method...

10 CVSS · 8.3 AI score · 0.07347 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
VulnCheck KEV
added 2011/09/01 12:00 a.m. · 0 views

VulnCheck KEV: CVE-2007-4816

Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) isDVDPath or (6)...

7.5 CVSS · 6 AI score · 0.13845 EPSS
Exploits: 1 · References: 1
securityvulns
added 2009/01/18 12:00 a.m. · 18 views

Excel Viewer ActiveX buffer overflow

Buffer overflow in Open method...

4.2 AI score
Exploits: 0
CVE
added 2008/09/09 2:00 p.m. · 46 views

CVE-2008-3957

CVE-2008-3957 involves the Microsoft Windows Image Acquisition Logger ActiveX control. The vulnerability allows remote attackers to force the download of arbitrary files onto a client system by supplying a URL in the first argument to Open, combined with a full destination pathname in the first a...

9.3 CVSS · 6.5 AI score · 0.40104 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
Positive Technologies
added 2008/09/02 12:00 a.m. · 1 views

PT-2008-5214 · Ultra · Ultra Office Control

Name of the Vulnerable Software and Affected Versions: Ultra Office Control version 2.0.2008.801 and earlier. Description: The issue allows remote attackers to force the download of arbitrary files onto a client system. This is achieved by using a URL in the first argument to the Open method, in...

9.3 CVSS · 6.8 AI score · 0.12164 EPSS
Exploits: 1 · References: 8