PT-2021-4939 · Advantech +1 · Advantech R-Seenet +1
Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet version 2.4.15 Description: A privilege escalation issue exists in the Windows version of Advantech R-SeeNet, related to insufficient access control to the directory C:\R-SeeNet. This can allow an attacker to elevate their...
PT-2021-5251 · Foxit · Foxit Reader +2
Name of the Vulnerable Software and Affected Versions: Foxit PDF Editor affected versions not specified Foxit PhantomPDF affected versions not specified Foxit Reader affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations...
PT-2021-4155 · Microsoft · Windows Dns Server +1
Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to incorrect code generation management in the Windows DNS Server component, allowing remote attackers to execute arbitrary code and affect the system...
RHEL 8 : ruby:2.7 (RHSA-2021:2584)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2584 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
PT-2021-17860 · Seo Panel · Seo Panel
Name of the Vulnerable Software and Affected Versions: Seo Panel version 4.8.0 Description: A cross-site scripting (XSS) issue allows remote attackers to inject JavaScript via settings.php and the category parameter. Recommendations: For Seo Panel version 4.8.0, consider disabling access to...
Information Disclosure Vulnerability in Multiple Trend Micro Products
Trend Micro OfficeScan XG is a suite of distributed anti-virus software. Trend Micro Apex One is a suite of endpoint security software that provides automated threat detection and response. Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection...
Trend Micro Apex One and OfficeScan XG Incorrect Access Control Information Disclosure Vulnerability (CNVD-2020-73779)
Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro OfficeScan XG is a suite of distributed anti-virus software from Trend Micro. An incorrect access control information disclosure...
CVE-2020-28583
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information...
PT-2020-4088 · Microsoft · Windows Jet Database Engine +1
Name of the Vulnerable Software and Affected Versions: Windows Jet Database Engine affected versions not specified Description: A remote code execution issue exists due to the improper handling of objects in memory by the Windows Jet Database Engine. This could allow an attacker to execute...
OPENSUSE-SU-2020:1056-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
PT-2020-3263 · Oracle · Oracle Help Technologies
Name of the Vulnerable Software and Affected Versions: Oracle Help Technologies versions 11.1.1.9.0 through 12.2.1.3.0 Description: The issue is related to insufficient input validation in the Web UIX component of Oracle Help Technologies, allowing an unauthenticated attacker with network access...
PT-2021-10979 · Speex +1 · Speex +1
Name of the Vulnerable Software and Affected Versions: Speex version 1.2 Description: A stack buffer overflow in speexenc.c allows attackers to cause a denial of service (DoS) via a crafted WAV file. The vendor states that the issue cannot be reproduced and that it is a demo program. Recommendation...
PT-2020-2027
Name of the Vulnerable Software and Affected Versions: VMware vCenter Server versions prior to the fixed version Description: The issue is related to insufficient access control in the VMware Directory Service (vmdir) of VMware vCenter Server. This can allow a remote attacker to elevate their...
Huawei VRP Detection (SSH Login)
SSH login-based detection of Huawei Versatile Routing Platform (VRP) network devices. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescripti...
PT-2020-6504 · D Link · D-Link Dap-2020
Name of the Vulnerable Software and Affected Versions: D-Link DAP-2020 version 1.01rc001 Description: The issue is related to a stack-based buffer overflow when handling the var:page parameter provided to the "webproc" endpoint. This occurs due to the lack of proper validation of the length of...
CVE-2019-2419
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects component of Oracle PeopleSoft Products (subcomponent: Form and Approval Builder). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
PT-2023-15459 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev649-ga8f438d20 Description: The issue is related to a buffer overflow in the h263dmx_process function, specifically in the reframe_h263.c file at line 609. This buffer overflow occurs in the h263dmx_process...
CVE-2018-8453
“An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory” – MITRE description. Recent assessments: jrobles-r7 at June 17, 2019 6:51pm UTC reported: The handling of objects in memory allowed for a double-free of a memory region...
PT-2018-10474 · Roku · Roku
Name of the Vulnerable Software and Affected Versions: Roku and Roku TV products affected versions not specified Description: The issue allows unauthorized access to the device via a DNS Rebind attack, potentially resulting in remote device control and the exfiltration of privileged device and...
PT-2018-16856 · Malwarebytes · Malwarebytes Premium
Name of the Vulnerable Software and Affected Versions: Malwarebytes Premium version 3.3.1.2183 Description: The issue allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020 in the driver file...